[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Can SKS cope with the same key (and same fingerprint) in
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
Re: [Sks-devel] Can SKS cope with the same key (and same fingerprint) in two different roles? |
|
Date: |
Fri, 22 May 2009 13:20:49 -0400 |
|
User-agent: |
Mozilla-Thunderbird 2.0.0.19 (X11/20090103) |
On 05/15/2009 03:36 PM, David Shaw wrote:
> On May 15, 2009, at 10:09 AM, Daniel Kahn Gillmor wrote:
>
>> Has anyone tested this? do you forsee any problems should such a pair
>> of keys be injected into the SKS pool?
>
> This is not exactly common, but there are a few keys like this stored in
> SKS already. See keys 3D7D41E3 and D9F57808 for an example.
I see. 3D7D41E3 and its subkey 1E88BF71 are also subkeys of D9F57808.
But while the keyservers report [0] that 1E88BF71 has a still-valid
subkey binding signature against D9F57808, gpg seems to ignore that
subkey-binding signature:
0 address@hidden:~$ gpg --fixed-list-mode --with-colons --check-sigs
--list-options show-unusable-subkeys D9F57808 | awk '/^sub:.*1E88BF71:/{
FOUND=1; } { if (FOUND) { print $0 } }'
sub:e:2048:16:6C6EEE7A1E88BF71:1065237572:1138176749:::::e:
sig:!::1:B88D52E4D9F57808:1084349549::::Atom Smasher <address@hidden>:18x:
0 address@hidden:~$
Do you think this a problem with gpg, a problem with SKS, or
a problem with this particular signature? Is it possible that this
subkey-binding signature has been somehow misapplied because 1E88BF71
is a subkey of two different primary keys?
Or is it some other problem entirely?
--dkg
[0]
http://zimmermann.mayfirst.org/pks/lookup?op=vindex&search=0xB88D52E4D9F57808
signature.asc
Description: OpenPGP digital signature