Hi Paul--
On Tue 2022-05-03 11:29:39 +0200, Paul Schaub wrote:
Bouncy Castle is choking on unknown packet versions unfortunately. I got
a fix for signatures merged upstream (I'm not affiliated with the Bouncy
Castle project), so at least unknown signature versions will now be
ignored,
Thanks for pushing these fixes into the infrastructure! Can you point
to the specific fix where that was done? That might be usfeul if any
distributors need to think about backporting.
however unknown PKESK packets still cause issues. I guess
future-proofing BC takes some more work.
v5 PKESK packets are only emitted with v2 SEIPD packets, so in that
sense there's no significant problem -- an implementation that can't
read v5 PKESK won't be able to decrypt v2 SEIPD either. It's the
signatures that i'm most concerned about.
--dkg
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp