Re: [Sks-devel] another bounds problem in SKS

[Peter Palfrader]

On Sun, 03 Oct 2004, Yaron Minsky wrote:

> On Sun, 3 Oct 2004 10:58:17 -0400, Yaron Minsky <address@hidden> wrote:
> > On Sun, 3 Oct 2004 15:29:09 +0200, Dinko Korunic <address@hidden> wrote:
> > >
> > > Is this normal? Are all of these keys having the wrong MPI size?
> > >
> > > 2004-10-03 15:26:51 /pks/lookup: Index request: (0xc5c0c5c7218d18d7)
> > > 2004-10-03 15:26:54 Error fetching uid during VIndex for keyid 
> > > 0x6C76178CA0ED982D: ParsePGP.Overlong_mpi
> > > 2004-10-03 15:26:54 Error fetching uid during VIndex for keyid 
> > > 0xBF41595B7372A2A5: ParsePGP.Overlong_mpi
> > > 2004-10-03 15:26:56 Error fetching uid during VIndex for keyid 
> > > 0x6C76178CA0ED982D: ParsePGP.Overlong_mpi
> > > 2004-10-03 15:26:56 Error fetching uid during VIndex for keyid 
> > > 0xBF41595B7372A2A5: ParsePGP.Overlong_mpi
> > > 2004-10-03 15:26:57 Error fetching uid during VIndex for keyid 
> > > 0x6C76178CA0ED982D: ParsePGP.Overlong_mpi
> > > 2004-10-03 15:26:58 Error fetching uid during VIndex for keyid 
> > > 0xBF41595B7372A2A5: ParsePGP.Overlong_mpi
> > >
> 
> First, yes, those keys are busted.  
> 
> Second, you can now check for yourself.  With the latest patch
> (patch-22), you can ask for the raw key without any presentation
> filters required.  Putting "clean=off" in the request url will disable
> all key cleaning. So now you can see the status of those keys by
> yourself, by grabbing the  key directly and looking at it via pgpdump.
> 
> Third, those error messages won't come up anymore, since keys are now
> by default cleaned before the UID is fetched from them.
> 
> y
> 
> (note, if no further patches come up, I will tag this as 1.0.8 and
> release it by Monday.)

So, if two servers recon, they will exchange hashes of the "broken"
keys.  Then, they will fetch the key from the peer, using a get on the
hash.

Will they fetch a key with or without presentation filters applied?

-- 
Peter