[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] sks patch to refuse poison key

From: Shengjing Zhu
Subject: [Sks-devel] sks patch to refuse poison key
Date: Mon, 16 Jul 2018 13:18:52 +0800
User-agent: Mutt/1.10.0 (2018-05-17)

On Sun, Jul 15, 2018 at 06:28:24PM +1000, Haw Loeung wrote:
> I don't think these patches should land in SKS. It's to work around
> one key and doesn't scale very well. Instead, I think more work should
> be done adding the ability to not accept and send keys of a certain
> size as well as options to exclude specific list of keys. I'm not sure
> if there's another mailing list used by SKS developers to discuss
> this.

Thanks, I see the patches hard code key id, so I think it shouldn't land in
upstream too.

> If you're interested in the patches, you should be able to download
> the *.debian.tar.xz file from the link below:
> | 
> Extract that and the series of patches to-date are:
> | 0012-poison-key.patch
> | poison-key-id-update
> | 0014-poison-key-output-fix
> | 0091-pjdc-compare-short-keyid.patch

I don't know ocaml, but these patches are in a mess, shouldn't it be
simplified to,

diff --git a/ b/
index 949a1f4..7ff976a 100644
--- a/
+++ b/
@@ -1166,6 +1166,11 @@ struct
       if has_hash hash then [] else
         let keyid = Fingerprint.keyid_from_key ~short:true key in
+        let keyid_long = Fingerprint.keyid_to_string ~short:false 
(Fingerprint.keyid_from_key ~short:false key) in
+        (* Blacklist poison key - RT#112669 *)
+        plerror 4 "considering keyid %s" keyid_long;
+        if List.mem keyid_long ["E41ED3A107A7DBC7"] then [] else
         let potential_merges = List.filter ~f:(fun x -> x <> key)
                                  (get_by_short_keyid keyid)

Best regards,
Shengjing Zhu

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]