Re: [Sks-devel] Re: Type 20 ElGamal Sign/Encrypt keys

[Peter Palfrader]

On Wed, 26 Nov 2003, Yaron M. Minsky wrote:

> > > if you check out
> > > http://keyserver.noreply.org:11371/pks/lookup?search=csmall%40debian.org&op=index
> > > you find a key 6D1DD6B3.
> > > 
> > > When I download that key and import it, gpg claims its keyid is
> > > A29C8EAE.  Is this a bug in SKS?
> > > 
> > > address@hidden:~$ wget -q -O - 
> > > 'http://keyserver.noreply.org:11371/pks/lookup?op=get&search=0xA54ABF776D1DD6B3'
> > >  | gpg
> > > pub  1024G/A29C8EAE 1998-07-06 Craig Small <address@hidden>
> > 
> > This is a key that was created with old GnuPG that still had the md-encode 
> > bug, if that matters.
> Hmm.  I'm a bit confused.  RFC2440bis-draft suggests that V3 keys must
> be RSA keys --- and the keyid calculation is done accordingly.  But your
> email suggests that this is an elgamal key.  It's certainly a V3 key, so
> is this a broken key?  Anyone know more about this?

Something was broken, and gpg with the --emulate-md-encode-bug can
verify the self sig again.  It may be that the key is broken, or just
the sig - I don't know.

SKS appears to handle other alg type 20 keys properly, like
http://keyserver.noreply.org:11371/pks/lookup?search=wagner%40debian.org&op=index

So maybe just forget the whole thing.  There are not many ElGamal type
20 keys, and there will be even less RSN.  And the 'good' type 20 keys
seem to work anyway.  Just thought you might know any details on this.

Peter
-- 
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
    messages preferred.    | : :' :      The  universal
                           | `. `'      Operating System
 http://www.palfrader.org/ |   `-    http://www.debian.org/

signature.asc
Description: Digital signature