[prev in list] [next in list] [prev in thread] [next in thread]
List: pgp-keyserver-folk
Subject: Re: pgp key server, verbose display of signers
From: "Michael Young" <mwy-pks55 () the-youngs ! org>
Date: 2001-07-09 15:51:05
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, Jun 26, 2001 at 10:01:04AM +0200, Bene, Martin wrote:
> The web interface for querying keys from the pgp keyserver seems to have
> problems with x.509 certificates as signatures:
...
> sig FFFFFFFF Salvo Salasio <coderpunks@toad.com>
>
> That 3rd signature is actually an x.509 cert from thawte, the display of
> the signatures doesn't seem to cope very well with this.
An X.509 certificate does not include a PGP keyID, so there's nothing
to look up. I think the "FFFFFFFF" notation is as good as any.
Perhaps it shouldn't be a hyperlink, but I wouldn't spend any effort on it.
I expect you would get the same behavior for any other v4 signature that
doesn't include an Issuer ID subpacket.
To which Werner Koch replied:
> We don't have any specs about this NAI hack. IIRC, someone from NAI
> said quite a while back that they consider to open their specs but
> this was at a time when Phil was still working there.
The format looks pretty straightforward. It appears that they've used
algorithm ID 100, and then added a signature subpacket ID 100 that
contains a few mystery bytes and a DER-encoded X.509 byte array. A quick
look at the last public NAI sources might clear up the mystery bytes,
but why bother? Unless you plan on interpreting the X.509
certificate, there's no reason to care.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBO0nSyGNDnIII+QUHAQHx4gf/a050YurHXvjFN+NuSmBFXiNW2jrKZlWa
Cms5+8GXqJCqkHtEejOpS7cBG2y+JkoLWOLpgVCBRPCszWMz7arlHHlenneMSZlz
hoYkexl0I3aC+kki8hKYVqSn7iV0G+pzfefY3rB+sabXq1MCK72g7Zxm9aWpH3Ag
zmNLtAnV5USrf2FF0YNdCXwfl+vcWq57oze1ZVIILuRJ8i6D9tcIbjNHZAjA2mWQ
gOcHOpHaTzgNJVkouOMqcG1v7oisZ7ZsWwVkG0pAT5K3UIIhjKfV/B7xz01AeJe9
8EVJfhXVYCKKAh5EBhr2LlTGAkeUd25S1pGjYMaBXBdzCs21AOksHA==
=fktm
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic