Hi,
I think I found a reason why NAI argues against MDCs in signature
packets. There is a key which caused some key servers to crash and
it seems that this one has been created by a new PGP version. The
key looks like this:
:public key packet:
version 3, algo 1, created 838857600, expires 0
pkey[0]: [1024 bits]
pkey[1]: [17 bits]
:user id packet: "Thawte Server CA <server-certs(_at_)thawte(_dot_)com>"
:signature packet: algo 0, keyid 0000000000000000
version 4, created 0, md5len 0, sigclass 10
digest algo 1, begin of digest 00 00
hashed subpkt 2 len 5 (sig created 1996-08-01)
hashed subpkt 3 len 5 (sig expires after 24y158d23h59m)
hashed subpkt 5 len 3 (trust signature)
hashed subpkt 100 len 795 (?)
unknown algorithm 0
So we have all the stuff Tom proposed for MDCs in signature packets:
keyid of zero and a public key algorithm identifier of zero. The
private subpacket with id 100 may be an X.509 certificate - I have not
analyzed it.
If this has really been created by PGP, why didn't NAI tell us about
it?
Tom, what about changing your MDC to use an unhashed subpacket for the
MDC instead of an MPI? I think this will be a much nicer solution and
I wonder why we didn't come up with this earlier.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 6.5.1b15
Comment: Digital Signatures ensure message authenticity
=I22I
-----END PGP PUBLIC KEY BLOCK-----
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013
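A defensive parser for the signature packet layout shown in the dump above, added here as an example and not code from Werner Koch, GnuPG or PGP. It assumes the RFC 2440 v4 signature body layout (version, class, pubkey algo, hash algo, hashed and unhashed subpacket areas, two digest bytes, then algorithm-dependent MPIs) and parses a constructed packet modelled on the dump's values: algorithm 0, sigclass 0x10, MD5, hashed subpackets 2, 3, 5 and 100 with the same lengths. The 794-byte body of subpacket 100 is filler, not the real certificate, and the expiry value is only an approximation of the dump's "24y158d23h59m". The point for a key server or any other consumer is that an unknown public key algorithm and a private subpacket type are data to record, not a reason to fail, while truncated input should turn into a clean error instead of an out-of-bounds read.

```python
"""Defensive parser for the body of an OpenPGP v4 signature packet (RFC 2440 5.2.3).

Unknown values (algorithm 0, private subpacket types 100-110) are recorded
rather than fatal; truncated input raises MalformedSignature, never IndexError.
"""
import struct
from dataclasses import dataclass

PUBKEY_ALGO_NAMES = {1: "RSA", 16: "Elgamal", 17: "DSA"}
MPI_COUNT = {1: 1, 16: 2, 17: 2}            # signature MPIs per known pubkey algorithm
HASH_ALGO_NAMES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160"}
PRIVATE_SUBPKTS = range(100, 111)          # private / experimental subpacket types


class MalformedSignature(ValueError):
    """Structurally invalid or truncated signature data."""


@dataclass
class Subpacket:
    type: int
    critical: bool
    body: bytes

    @property
    def length(self) -> int:               # as gpg prints it: type byte + body
        return len(self.body) + 1

    @property
    def private(self) -> bool:
        return self.type in PRIVATE_SUBPKTS


def _need(buf: bytes, pos: int, n: int) -> None:
    """Bounds check that turns short input into a clean error."""
    if pos + n > len(buf):
        raise MalformedSignature(f"need {n} bytes at offset {pos}, have {len(buf) - pos}")


def _read_subpkt_len(buf: bytes, pos: int):
    """Decode the one-, two- or five-byte subpacket length (RFC 2440 5.2.3.1)."""
    _need(buf, pos, 1)
    b0 = buf[pos]
    if b0 < 192:
        return b0, pos + 1
    if b0 < 255:
        _need(buf, pos, 2)
        return ((b0 - 192) << 8) + buf[pos + 1] + 192, pos + 2
    _need(buf, pos, 5)
    return struct.unpack(">I", buf[pos + 1:pos + 5])[0], pos + 5


def parse_subpackets(area: bytes):
    out, pos = [], 0
    while pos < len(area):
        length, pos = _read_subpkt_len(area, pos)
        if length == 0:
            raise MalformedSignature("zero-length subpacket")
        _need(area, pos, length)
        t = area[pos]                       # bit 7 is the critical flag
        out.append(Subpacket(type=t & 0x7F, critical=bool(t & 0x80), body=area[pos + 1:pos + length]))
        pos += length
    return out


def _read_mpis(buf: bytes, count: int):
    """Each MPI is a 2-byte bit count followed by ceil(bits/8) bytes."""
    mpis, pos = [], 0
    for _ in range(count):
        _need(buf, pos, 2)
        bits = struct.unpack(">H", buf[pos:pos + 2])[0]
        nbytes = (bits + 7) // 8
        _need(buf, pos + 2, nbytes)
        mpis.append((bits, buf[pos + 2:pos + 2 + nbytes]))
        pos += 2 + nbytes
    if pos != len(buf):
        raise MalformedSignature("trailing bytes after MPIs")
    return mpis


def parse_v4_signature(body: bytes) -> dict:
    _need(body, 0, 6)
    version, sigclass, pk_algo, hash_algo = body[0], body[1], body[2], body[3]
    if version != 4:
        raise MalformedSignature(f"unsupported signature version {version}")
    hashed_len = struct.unpack(">H", body[4:6])[0]
    _need(body, 6, hashed_len + 2)
    hashed = parse_subpackets(body[6:6 + hashed_len])
    pos = 6 + hashed_len
    unhashed_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    _need(body, pos, unhashed_len + 2)
    unhashed = parse_subpackets(body[pos:pos + unhashed_len])
    pos += unhashed_len
    trailing = body[pos + 2:]
    # Unknown algorithm: keep the raw bytes instead of guessing an MPI layout.
    mpis = _read_mpis(trailing, MPI_COUNT[pk_algo]) if pk_algo in MPI_COUNT else None
    return {"sigclass": sigclass, "pubkey_algo": pk_algo,
            "pubkey_algo_name": PUBKEY_ALGO_NAMES.get(pk_algo, f"unknown algorithm {pk_algo}"),
            "hash_algo_name": HASH_ALGO_NAMES.get(hash_algo, f"unknown hash {hash_algo}"),
            "hashed": hashed, "unhashed": unhashed,
            "digest_prefix": body[pos:pos + 2], "mpis": mpis, "trailing": trailing}


def is_malformed(data: bytes) -> bool:
    try:
        parse_v4_signature(data)
    except MalformedSignature:
        return True
    return False


# Constructed sample modelled on the dump in the mail; NOT the real Thawte key.
def _subpkt(t: int, body: bytes) -> bytes:
    n = len(body) + 1
    hdr = bytes([n]) if n < 192 else bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return hdr + bytes([t]) + body


def build_sample(pk_algo: int, trailing: bytes = b"") -> bytes:
    hashed = (_subpkt(2, struct.pack(">I", 838857600))       # sig created 1996-08-01
              + _subpkt(3, struct.pack(">I", 770601540))     # approx. 24y158d23h59m
              + _subpkt(5, bytes([1, 120]))                  # trust signature: level 1, amount 120
              + _subpkt(100, b"\x30\x82" + bytes(792)))       # 794-byte filler body, len 795
    return (bytes([4, 0x10, pk_algo, 1]) + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", 0) + b"\x00\x00" + trailing)


SAMPLE_SIG = build_sample(0)                # algorithm 0 with no MPIs, as in the dump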