[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] Re: keyids in signatures getting corrupted, GPG and/or Debia
|
From: |
Jason Harris |
|
Subject: |
[Sks-devel] Re: keyids in signatures getting corrupted, GPG and/or Debian problem? |
|
Date: |
Thu, 1 Apr 2004 16:56:34 -0500 |
|
User-agent: |
Mutt/1.4.2.1i |
On Thu, Apr 01, 2004 at 03:34:26PM -0500, David Shaw wrote:
> On Thu, Apr 01, 2004 at 02:32:14PM -0500, Jason Harris wrote:
> > > All of that said, I'm not too worried about this. It's annoying, but
> > > ultimately harmless. The corrupt sig will not validate (though the
> > > sig itself is actually good, the bad issuer means the key that issued
> > > it will never be found), so it will be ignored.
> >
> > Except where the issuer is irrelevant.
>
> I'm afraid I don't follow that comment. The issuer is always
> relevant, as it is used to find the key that issued the signature.
As the GPG output in my last message demonstrates, GPG disregards
the issuer in subkey binding signatures. While the RFC specifies
the issuer be included in subkey binding signatures, it also only
allows for the parent pubkey to issue such signatures. Therefore,
the issuer of subkey signatures is currently irrelevant, a priori.
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
address@hidden _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
pgpcGfCor2wdV.pgp
Description: PGP signature