'Re: pgp key server, verbose display of signers'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pgp-keyserver-folk
Subject:    Re: pgp key server, verbose display of signers
From:       "Michael Young" <mwy-pks55 () the-youngs ! org>
Date:       2001-07-09 15:51:05
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, Jun 26, 2001 at 10:01:04AM +0200, Bene, Martin wrote:
> The web interface for querying keys from the pgp keyserver seems to have
> problems with x.509 certificates as signatures:
...
> sig       FFFFFFFF             Salvo Salasio <coderpunks@toad.com>
> 
> That 3rd signature is actually an x.509 cert from thawte, the display of
> the signatures doesn't seem to cope very well with this.

An X.509 certificate does not include a PGP keyID, so there's nothing
to look up.  I think the "FFFFFFFF" notation is as good as any.
Perhaps it shouldn't be a hyperlink, but I wouldn't spend any effort on it.

I expect you would get the same behavior for any other v4 signature that
doesn't include an Issuer ID subpacket.

To which Werner Koch replied:
> We don't have any specs about this NAI hack.  IIRC, someone from NAI
> said quite a while back that they consider to open their specs but
> this was at a time when Phil was still working there.

The format looks pretty straightforward.  It appears that they've used
algorithm ID 100, and then added a signature subpacket ID 100 that
contains a few mystery bytes and a DER-encoded X.509 byte array.  A quick
look at the last public NAI sources might clear up the mystery bytes,
but why bother?  Unless you plan on interpreting the X.509
certificate, there's no reason to care.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQEVAwUBO0nSyGNDnIII+QUHAQHx4gf/a050YurHXvjFN+NuSmBFXiNW2jrKZlWa
Cms5+8GXqJCqkHtEejOpS7cBG2y+JkoLWOLpgVCBRPCszWMz7arlHHlenneMSZlz
hoYkexl0I3aC+kki8hKYVqSn7iV0G+pzfefY3rB+sabXq1MCK72g7Zxm9aWpH3Ag
zmNLtAnV5USrf2FF0YNdCXwfl+vcWq57oze1ZVIILuRJ8i6D9tcIbjNHZAjA2mWQ
gOcHOpHaTzgNJVkouOMqcG1v7oisZ7ZsWwVkG0pAT5K3UIIhjKfV/B7xz01AeJe9
8EVJfhXVYCKKAh5EBhr2LlTGAkeUd25S1pGjYMaBXBdzCs21AOksHA==
=fktm
-----END PGP SIGNATURE-----

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic