ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PGP 6.5

1999-05-18 08:22:16
from [William H. Geiger III] [Permanent Link] 

In <9905141503(_dot_)AA04090(_at_)h2np(_dot_)suginami(_dot_)tokyo(_dot_)jp>, on 
05/14/99 
   at 10:03 AM, Hironobu Suzuki 
<hironobu(_at_)h2np(_dot_)suginami(_dot_)tokyo(_dot_)jp> said:



If you send me a copy of the key I can analyze it for you.



Thanks. I'll send you it.


Hi,

I have done a partial analysis of the key. It should be noted that this is
not a key generated by PGP 6.5.x but it has been processed by it. The key
in question was generated & signed 1996-08-01, and it is a RSA public key.
The error is in the self signature which has a signature algorithm of '00'
which is an undefined and illegal value for a public key algorithm. Some
of the other signature items look questionable. I am not sure why a bad
signature would cause the servers to crash, it should not (I am not even
sure why a signature would affect the server at all).


I did a search on the Public Key Servers and could not find this key
(keyID 0x12D6870D) on any of them (or for that matter any PGP key for
<server-certs(_at_)thawte(_dot_)com>). I did find a copy of this key on the 
NAI's
LDAP server. 

As a side note:

There seems to be a problem with the LDAP search engine. A search of the
server by userID parameter of: server-certs(_at_)thawte(_dot_)com does not find 
the
above key. A search by exact keyID does find the key.

A second side note:

I have my doubts about Thawte. I could not find their PGP key anywhere on
their site. In addition to this their SSL cert for their webpages expired
in '96 !!! This does not lend confidence to a CA, IMNSHO.

-- 

Analysis of the key follows:

 Public Key Block:
 =================

 99          -- 1 0 0110 01 : Old format, Public Key, Next 2 octets Length
 00 8F       -- Length 143 octets
 03          -- Version 3
 31 FF F3 80 -- Creation Date: 1 Aug 1996
 00 00       -- Expiration Date: Never
 01          -- Public Key Algorithm: RSA
 04 -> 0D    -- MPI #1 Public Modulus n
 04 00       -- MPI #1 Length 130 octets (128 + 2 length octets)
 00 -> 01    -- MPI #2 Exponent e 
 00 11       -- MPI #2 Length 5 octets (3 + 2 length octets)

 64 Bit KeyID:  C2 B5 66 22 12 D6 87 0D
 32 Bit KeyID:  12 D6 87 0D

 Raw Data Block:

 99 00 8F 03 31 FF F3 80 00 00 01 04 00 D3 A4 50
 6E C8 FF 56 6B E6 CF 5D B6 EA 0C 68 75 47 A2 AA
 C2 DA 84 25 FC A8 F4 47 51 DA 85 B5 20 74 94 86
 1E 0F 75 C9 E9 08 61 F5 06 6D 30 6E 15 19 02 E9
 52 C0 62 DB 4D 99 9E E2 6A 0C 44 38 CD FE BE E3
 64 09 70 C5 FE B1 6B 29 B6 2F 49 C8 3B D4 27 04
 25 10 97 2F E7 90 6D C0 28 42 99 D7 4C 43 DE C3
 F5 21 6D 54 9F 5D C3 58 E1 C0 E4 D9 5B B0 B8 DC
 B4 7B DF 36 3A C2 B5 66 22 12 D6 87 0D 00 11 01
 00 01 



 UserID Block:
 =============

 B4       -- 1 0 1101 00 : Old format, UserID Key, Next octet length
 2A       -- Length 42 octets
 54 -> 3E -- UserID
 
 UserID: Thawte Server CA <server-certs(_at_)thawte(_dot_)com> 

 Raw Data:

 B4 2A 54 68 61-77 74 65-20 53 65 72 76 65
 72 20 43 41 20 3C 73 65-72 76 65 72 2D 63 65 72
 74 73 40 74 68 61 77 74-65 2E 63 6F 6D 3E 


 Signature Block:
 ================

 89        -- 1 0 0010 01 : Old format, Signature, Next 2 octets length
 03 3A     -- Length 826 octets
 04        -- Version 4 signature
 10        -- Signature on PubKey & UserID
 00        -- Public Key Algorithm 0 <=== ERROR!!!
 01        -- MD5 Hash
 03 2D     -- Hashed SubPacket Length 813 octets
 05 -> 47  -- Hashed SubPacket Data
 00 00     -- Unhashed SubPacket Length 0 octets
 00 00     -- Left 16 bits signed hash value
 00 01     -- MPI #1 length 3 octets (1 + 2 length octets)
 01        -- MPI #1 RSA signature value m**d
 

 Hashed SubPacket Data:

 05           -- Length 5 octets
 02           -- Type: Creation Date
 31 FF F3 80  -- 1 Aug 1996
 
 05           -- Length 5 octets
 03           -- Type: Expiration Date
 2D EE 72 7F  --

 03           -- Length 3
 05           -- Type: Trust Signature
 FF 78        -- Trust Level 255, Trust Amount 120 (complete)

 C2 5B        -- Length 795
 64           -- Type: Unknown [100] Internal Use


 Raw Data:

 89 03
 3A 04 10 00 01 03 2D 05-02 31 FF F3 80 05 03 2D
 EE 72 7F 03 05 FF 78 C2-5B 64 01 01 03 30 82 03
 13 30 82 02 7C A0 03 02-01 02 02 01 01 30 0D 06
 09 2A 86 48 86 F7 0D 01-01 04 05 00 30 81 C4 31
 0B 30 09 06 03 55 04 06-13 02 5A 41 31 15 30 13
 06 03 55 04 08 13 0C 57-65 73 74 65 72 6E 20 43
 61 70 65 31 12 30 10 06-03 55 04 07 13 09 43 61
 70 65 20 54 6F 77 6E 31-1D 30 1B 06 03 55 04 0A
 13 14 54 68 61 77 74 65-20 43 6F 6E 73 75 6C 74
 69 6E 67 20 63 63 31 28-30 26 06 03 55 04 0B 13
 1F 43 65 72 74 69 66 69-63 61 74 69 6F 6E 20 53
 65 72 76 69 63 65 73 20-44 69 76 69 73 69 6F 6E
 31 19 30 17 06 03 55 04-03 13 10 54 68 61 77 74
 65 20 53 65 72 76 65 72-20 43 41 31 26 30 24 06
 09 2A 86 48 86 F7 0D 01-09 01 16 17 73 65 72 76
 65 72 2D 63 65 72 74 73-40 74 68 61 77 74 65 2E
 63 6F 6D 30 1E 17 0D 39-36 30 38 30 31 30 30 30
 30 30 30 5A 17 0D 32 30-31 32 33 31 32 33 35 39
 35 39 5A 30 81 C4 31 0B-30 09 06 03 55 04 06 13
 02 5A 41 31 15 30 13 06-03 55 04 08 13 0C 57 65
 73 74 65 72 6E 20 43 61-70 65 31 12 30 10 06 03
 55 04 07 13 09 43 61 70-65 20 54 6F 77 6E 31 1D
 30 1B 06 03 55 04 0A 13-14 54 68 61 77 74 65 20
 43 6F 6E 73 75 6C 74 69-6E 67 20 63 63 31 28 30
 26 06 03 55 04 0B 13 1F-43 65 72 74 69 66 69 63
 61 74 69 6F 6E 20 53 65-72 76 69 63 65 73 20 44
 69 76 69 73 69 6F 6E 31-19 30 17 06 03 55 04 03
 13 10 54 68 61 77 74 65-20 53 65 72 76 65 72 20
 43 41 31 26 30 24 06 09-2A 86 48 86 F7 0D 01 09
 01 16 17 73 65 72 76 65-72 2D 63 65 72 74 73 40
 74 68 61 77 74 65 2E 63-6F 6D 30 81 9F 30 0D 06
 09 2A 86 48 86 F7 0D 01-01 01 05 00 03 81 8D 00
 30 81 89 02 81 81 00 D3-A4 50 6E C8 FF 56 6B E6
 CF 5D B6 EA 0C 68 75 47-A2 AA C2 DA 84 25 FC A8
 F4 47 51 DA 85 B5 20 74-94 86 1E 0F 75 C9 E9 08
 61 F5 06 6D 30 6E 15 19-02 E9 52 C0 62 DB 4D 99
 9E E2 6A 0C 44 38 CD FE-BE E3 64 09 70 C5 FE B1
 6B 29 B6 2F 49 C8 3B D4-27 04 25 10 97 2F E7 90
 6D C0 28 42 99 D7 4C 43-DE C3 F5 21 6D 54 9F 5D
 C3 58 E1 C0 E4 D9 5B B0-B8 DC B4 7B DF 36 3A C2
 B5 66 22 12 D6 87 0D 02-03 01 00 01 A3 13 30 11
 30 0F 06 03 55 1D 13 01-01 FF 04 05 30 03 01 01
 FF 30 0D 06 09 2A 86 48-86 F7 0D 01 01 04 05 00
 03 81 81 00 07 FA 4C 69-5C FB 95 CC 46 EE 85 83
 4D 21 30 8E CA D9 A8 6F-49 1A E6 DA 51 E3 60 70
 6C 84 61 11 A1 1A C8 48-3E 59 43 7D 4F 95 3D A1
 8B B7 0B 62 98 7A 75 8A-DD 88 4E 4E 9E 40 DB A8
 CC 32 74 B9 6F 0D C6 E3-B3 44 0B D9 8A 6F 9A 29
 9B 99 18 28 3B D1 E3 40-28 9A 5A 3C D5 B5 E7 20
 1B 8B CA A4 AB 8D E9 51-D9 E2 4C 2C 59 A9 DA B9
 B2 75 1B F6 42 F2 EF C7-F2 18 F9 89 BC A3 FF 8A
 23 2E 70 47 00 00 00 00-00 01 01



-- 
---------------------------------------------------------------
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii

Hi Jeff!! :)
---------------------------------------------------------------

begin 666 65_test.asc
M+2TM+2U"14=)3B!01U`(_at_)4%5"3$E#($M%62!"3$]#2RTM+2TM#0I697)S:6]N
M(_dot_)B!01U`(_at_)-BXU+C%B,34-"@T*;5%#4$%Z2"\X-$%!04%%14%.3VM51S=)+S%:
M<C5S.61T=6]-84A62&]Q<D,R;U%L+TMJ,%(Q2&%H8E5G9$I31PT*2&<Y,7EE
M:TE99E5'8E1"=492:T,V5DQ!671T3FU:-VEA9WA%3TTS*W9U3FM#6$1&+W)&
M<DMB67938V<W,4-C10T*2E)#6$PK95%B8T%O47!N6%1%4&5W+U5H8E939EAC
M3EDT8T1K,E9U=W5.>3!E(_dot_)3(_at_)R3W-+,5II25,Q;V-.04)%0(_at_)T*04%',$ML4F]9
M6&0P6E-"5%I82C):6$EG43!%9U!(3FQC;EIL8VDQ:EI82C!C,$(P84=&,V1'
M5759,CET4&]K1`T*3V=144%!141,455#368O>F=!541,935Y9G=-1B\S:D-7
M,E%"05%-=V=G351-24E#9DM!1$%G14-!9T5"34$P1PT*0U-Q1U-)8C-$445"
M0D%504U)2$5-47-W0U%91%9144=%=TIA451%5DU"34=!,55%0T)-358R5GID
M1U9Y8FE"1`T*65A";$U227=%05E$5E%12$5W;$196$)L2492=F0R-'A(5$%B
M0F=.5D)!;U1&1E)O65AD,%I30D1B,C5Z9%=X,`T*85<U;DE'3FI-4V=W2F=9
M1%9144Q%>#E$6EA*,&%76G!9,D8P85<Y=4E&3FQC;EIP63)6>DE%4G!D;6QZ
M85<Y=0T*35)K=T9W641645%$17A"56%'1C-D1U5G53)6>61M5GE)14Y"35-9
M=TI!64I+;UI):'9C3D%1:T)&:&1Z6EA*,@T*6EA)=%DR5GED2$Y!9$=H:&0S
M4FQ,;4YV8E1!949W,#5.:D$T341%=TU$07=-1$)A1G<P>4U$17E->D5Y37I5
M-0T*3E1L84U)2$5-47-W0U%91%9144=%=TIA451%5DU"34=!,55%0T)-358R
M5GID1U9Y8FE"1%E80FQ-4DEW14%91`T*5E%12$5W;$196$)L2492=F0R-'A(
M5$%B0F=.5D)!;U1&1E)O65AD,%I30D1B,C5Z9%=X,&%7-6Y)1TYJ35-G=PT*
M2F=91%9144Q%>#E$6EA*,&%76G!9,D8P85<Y=4E&3FQC;EIP63)6>DE%4G!D
M;6QZ85<Y=4U2:W=&=UE$5E%11`T*17A"56%'1C-D1U5G53)6>61M5GE)14Y"
M35-9=TI!64I+;UI):'9C3D%1:T)&:&1Z6EA*,EI82719,E9Y9$A.00T*9$=H
M:&0S4FQ,;4YV8E1#0FYZ04Y"9VMQ:&MI1SEW,$)!445&04%/0FI107=G66M#
M9UE%03`V4E%B<VHO5FUV;0T*>C$R,C9G>&]D565I<7-,86A#6#AQ4%)(561Q
M1G130C!L25EE1#-82C91:&@Y45IT34<T5D=13'!5<T)I,C`R6(_at_)T*;G5*<41%
M431Z9C8K-#)12F--6"MS5W-P=&DY2GE$=E5*=U%L14IC=C4U0G1W0VA#;61D
M35$Y-T0Y4T9T5DHY9`T*=S%J:'=/5%I7-T,T,TQ2-S-Z639W<E9M26A,5VAW
M,$-!=T5!06%-5$U"17=$=UE$5E(P5$%12"]"055W07=%0(_at_)T*+WI!3D)G:W%H
M:VE'.7<P0D%1449!04]"9U%!2"MK>'!84'56>D5B=6A93DY)5$-/>71M;V(P
M:V$U='!2-#)"=PT*8DE2:$5A16%Y16<K5U5..50U53EO674S0S)+665N5TLS
M66A/5'`U03(V:DU-;E,U8G<S1S0W3D5#.6U+8C5O<`T*;35K64M$=E(T,$%O
M;6QO.#%B6&Y)0G5,>7%3<FIE;%(R94I-3$9M<#)R;7ED4G8R479,=G(_at_)O25DK
M66TX;R\K2PT*27DU=U)W04%!04%!05%%/0T*/4DR,DD-"BTM+2TM14Y$(%!'
84"!054),24,@2T59($),3T-++2TM+2T-
`
end
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: PGP 6.5, William H. Geiger III <=
Previous by Date:  Re: MDCs and PGP 6.5.1b15, William H. Geiger III
Next by Date:  Then it is not a signature..., Tom Zerucha
Previous by Thread:  MDCs and PGP 6.5.1b15, Werner Koch
Next by Thread:  REMINDER: CFP: ISOC Year 2000 Netw. & Distr. Sys. Security Symp. (NDSS 2000), David M. Balenson
Indexes:  [Date] [Thread] [Top] [All Lists]