Re: [Sks-devel] key dump

[Tobias Mueller]

Heya :)

On Fri, Jun 08, 2012 at 10:11:11AM +0200, Sebastian Urbach wrote:
> [...] if something goes wrong
> with the import. Better loose 5000 than 15000 keys.
For the fun of it, I tried to parse a few weekly dumps and very often, 
not even GPG can successfully parse the packets, i.e. gpg --list-packets 
fails. Usually with "gpg: mpi too large for this implementation (56104 
bits)" but there is a myriad of errors, i.e.
gpg: subpacket of type 16 too short
gpg: mpi larger than indicated length (517 bytes)
gpg: mpi larger than indicated length (0 bytes)
gpg: signature packet: unhashed data too long
gpg: signature packet: hashed data too long
gpg: mpi larger than indicated length (514 bytes)
gpg: packet(14) too short

I usually can parse 30 to 40 out of the 206 or 207 dumps (probably 
containing 15k keys each).

So I appreciate that the dumps will contain less keys.

I wonder why that is though.
Do I have I download or memory problems (on multiple machines..?)?
Is that just malicious data which landed in the pool?
Or is SKS better on parsing OpenPGP packets than GnuPG? Because one 
offending key seems to be 0x5df5c3733a6ced98 which, according to 
http://gpg.spline.inf.fu-berlin.de:11371/pks/lookup?search=0x5DF5C3733A6CED98&fingerprint=on&hash=on&op=vindex
 
is successfully parsed by SKS. Same thing for 0xb51b4b095356aac8 or 
0x857625223295AAB2.
It appears to be keys that carry signature from 0x9710B89BCA57AD7C, the 
"PGP Global Directory Verification Key".

Cheers,
  Tobi