gpg > addphoto

[Stefan Claas]

Hi Werner and all,

may i ask who had the brilliant idea to allow super large photos
in OpenPGP keys?

I ask, because when one likes to add a photo GnuPG recommends
the size of 240x288 Pixels, which is a good choice.

However when looking at parse-packet.c it says at line 44:

#define MAX_ATTR_PACKET_LENGTH    ( 16 * 1024*1024)

Isn't this not a bit to much? I mean if i am right those
numbers mean 16MB for me.

To test this out i created a 24bit color gradient image
8000x8000 pixels in size and GnuPG says:

[ unbekannt ] (2)  [jpeg image of size 3889016] so
only little bit lesser than 4MB.

Was this large image size requested so that people
in crypto circles can hide stuff in images etc. and then
use key servers as secret distribution medium?

Just curious, because otherwise it would not make to
much sense to me.

Regards
Stefan