
Re: [Sks-devel] expiration date in machine readable results


From: Daniel Kahn Gillmor
Subject: Re: [Sks-devel] expiration date in machine readable results
Date: Thu, 18 Oct 2012 20:17:49 -0400
User-agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.9) Gecko/20121015 Icedove/10.0.9

On 10/18/2012 07:39 PM, Daniel Kahn Gillmor wrote:
> get_times in ParsePGP.ml checks the subpacket type against
> ssp_exptime_id, which is set to 3 (which is correct, afaict [3]).

ah, looking a bit closer, i think i understand the situation here.

when gpg sets the key expiration time, it does so by creating a key
expiration subpacket (subpacket id 9) in the self-sig binding each User
ID to the primary key.

There is no signature expiration subpacket (subpacket id 3) in the
self-sig which binds the User IDs to the key at all.

Unfortunately, the fix is not so simple as changing ssp_exptime_id from
3 to 9, since the two subpackets' values are measured differently.

signature expiration subpackets are measured in seconds from the
signature creation time, and key expiration subpackets are measured in
seconds from key creation time.

looking deeper at the code and the spec, it looks like we can't possibly
get expiration from v4 primary key packets themselves.

So it looks like sks needs to trawl all associated self-sigs (uids and
direct-key sigs, but not subkey binding signatures -- and i don't think
user attribute self-sigs matter for this either, since at least one uid
is mandatory but one uat is not) for key expiration times, and aggregate
them somehow into a maximum?

something like (in pseudocode):

 def derive_key_expiration(pub):
     # only derive an expiration if the key packet itself gave none
     if pub.expires is None:
         for uid in pub.uids:
             if uid.is_not_revoked:
                 # the most recently created self-sig on this uid wins
                 mss = max(uid.selfsigs, key=lambda s: s.creation_time)
                 if mss.key_expiration is not None:
                     if pub.expires is None or pub.expires < mss.key_expiration:
                         pub.expires = mss.key_expiration
         for dsig in pub.directsigs:
             if dsig.key_expiration is not None:
                 if pub.expires is None or pub.expires < dsig.key_expiration:
                     pub.expires = dsig.key_expiration
     return pub.expires

i'm a little unsure of the logic about the direct signatures.  perhaps
it should just select the key expiration time from the most recent
direct signature?

If a direct signature gets made on a key at time T with a key expiration
subpacket of X seconds from creation, and then another direct signature
gets made at time T+1 with a key expiration subpacket of X-1 seconds
from creation, should the resulting expiration be X or X-1 ?

What if the newer direct signature has no key expiration subpacket at all?

        --dkg
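An added example (not from the message above or from the SKS code) showing why subpacket 3 and subpacket 9 are not interchangeable: both are 4-octet durations, but one is counted from the signature creation time and the other from the key creation time, so each has to be turned into an absolute time before self-sigs can be aggregated into a maximum. The subpacket layout follows RFC 4880; the sample key and signature values are constructed, and the function names are this example's own.

```python
import struct
# RFC 4880 signature subpacket types discussed in the thread.
SSP_SIG_CREATION = 2   # 4 octets: absolute seconds since the epoch (mandatory in v4 sigs)
SSP_SIG_EXPTIME = 3    # 4 octets: seconds after *signature* creation (what ssp_exptime_id=3 means)
SSP_KEY_EXPTIME = 9    # 4 octets: seconds after *key* creation (what gpg actually writes)

def parse_subpackets(area):
    """Parse an RFC 4880 subpacket area into {type: body}; the critical bit is masked off."""
    out, i = {}, 0
    while i < len(area):
        b = area[i]
        if b < 192:                       # one-octet length
            length, i = b, i + 1
        elif b < 255:                     # two-octet length
            length, i = ((b - 192) << 8) + area[i + 1] + 192, i + 2
        else:                             # five-octet length
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        out[area[i] & 0x7F] = area[i + 1:i + length]   # length covers type octet + body
        i += length
    return out

def u32(body):
    return struct.unpack(">I", body)[0]

def absolute_expiry(key_created, area):
    """Return (key_expiry, sig_expiry) as absolute epoch seconds, None when absent.
    The two subpackets count from different reference points, so 3 and 9 cannot be swapped."""
    sp = parse_subpackets(area)
    sig_created = u32(sp[SSP_SIG_CREATION])
    key_exp = key_created + u32(sp[SSP_KEY_EXPTIME]) if SSP_KEY_EXPTIME in sp else None
    sig_exp = sig_created + u32(sp[SSP_SIG_EXPTIME]) if SSP_SIG_EXPTIME in sp else None
    return key_exp, sig_exp

def aggregate_key_expiry(key_created, selfsig_areas):
    """Maximum absolute key expiration over the self-sigs (the rule in the pseudocode above);
    None means no self-sig carried a key expiration subpacket."""
    exps = [absolute_expiry(key_created, a)[0] for a in selfsig_areas]
    exps = [e for e in exps if e is not None]
    return max(exps) if exps else None

def sub(sp_type, value):
    """Encode a 4-octet time subpacket: length 5 = type octet + 4 body octets."""
    return bytes([5, sp_type]) + struct.pack(">I", value)

# Constructed sample data (not from any real key): key made at KEY_CREATED, two uid self-sigs
# with different key expirations, and a direct sig carrying no expiration subpacket at all.
KEY_CREATED = 1350000000
UID1_SELFSIG = sub(SSP_SIG_CREATION, KEY_CREATED + 100) + sub(SSP_KEY_EXPTIME, 365 * 86400)
UID2_SELFSIG = sub(SSP_SIG_CREATION, KEY_CREATED + 200) + sub(SSP_KEY_EXPTIME, 30 * 86400)
DIRECT_SIG_NOEXP = sub(SSP_SIG_CREATION, KEY_CREATED + 300)
```

A self-sig without subpacket 9 contributes nothing to the aggregate here; whether a newer direct sig should instead override an older one is the open question raised above, not something this example decides.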
