
Re: KeyIDs and Key Fingerprints



* William H. Geiger III wrote:
>I can see where in a public keyserver environment it is easier to allow
>duplicate keyIDs to prevent a DoS attack with a spoofed key. For a
>corporate keyserver or a local keyring I am not sure if allowing these
>keys into the database is a wise thing.

Local databases may apply a completely different policy on accepting keys.
My current policy is not to add untrusted keys or user IDs that are not
self-signed, and to ask if duplicates arrive.

>I may be wide off on this one but it just seems to be a bad design
>approach to allow non-unique identifiers in the PGP packets and then try
>every key that matches it.

Defining something as unique without any guarantee that it is, is even worse.
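The following is an added example and not code from either correspondent. It shows why a key ID cannot be treated as unique: a v4 OpenPGP fingerprint is the SHA-1 over 0x99, a two-octet length and the public-key packet body, and the key ID is just the low-order octets of that hash (RFC 4880, section 12.2), so distinct keys can share one. The keyring below indexes by fingerprint, keeps the key ID as a non-unique hint that maps to a list of fingerprints, implements the policy from the reply (refuse untrusted keys, ask on duplicates) and, when verifying, hands back every key that matches so the caller tries each. The sample keys are constructed placeholders with tiny made-up RSA parameters, not real keys, and the collision search uses the 32-bit "short" key ID because a 64-bit collision is not findable by brute force in a demo; the `Keyring`, `DuplicateKeyID` and `find_short_id_collision` names are this example's own.

```python
"""Added example: OpenPGP v4 fingerprints, key IDs as truncations of them,
and a keyring that treats key IDs as non-unique.  Constructed sample keys only."""
import hashlib
import struct

RSA_ENCRYPT_OR_SIGN = 1  # OpenPGP public-key algorithm ID for RSA (RFC 4880, section 9.1)


def mpi(value: int) -> bytes:
    """Encode a non-negative integer as an OpenPGP MPI: two-octet bit length, then the magnitude."""
    magnitude = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return struct.pack(">H", value.bit_length()) + magnitude


def v4_public_key_body(created: int, algo: int, *mpis: int) -> bytes:
    """Body of a version 4 public-key packet: version, creation time, algorithm, key MPIs."""
    return bytes([4]) + struct.pack(">I", created) + bytes([algo]) + b"".join(mpi(m) for m in mpis)


def v4_fingerprint(body: bytes) -> bytes:
    """RFC 4880, section 12.2: SHA-1 over 0x99, the two-octet body length and the body itself."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()


def key_id(fingerprint: bytes, octets: int = 8) -> bytes:
    """A v4 key ID is the low 64 bits of the fingerprint; the 'short' 32-bit ID is the low 4 octets."""
    return fingerprint[-octets:]


class DuplicateKeyID(Exception):
    """A distinct key shares a key ID with one already on the ring (policy: ask before adding)."""


class Keyring:
    """Keys are indexed by fingerprint; a key ID maps to a list of fingerprints, never to one key."""

    def __init__(self, id_octets: int = 8):
        self.id_octets = id_octets
        self.keys: dict[bytes, bytes] = {}          # fingerprint -> public-key packet body
        self.by_id: dict[bytes, list[bytes]] = {}   # key ID -> [fingerprint, ...]

    def add(self, body: bytes, trusted: bool, accept_duplicates: bool = False) -> bytes:
        if not trusted:
            raise ValueError("policy: untrusted keys are not added")
        fpr = v4_fingerprint(body)
        if fpr in self.keys:
            return fpr                              # the very same key is already present
        kid = key_id(fpr, self.id_octets)
        if self.by_id.get(kid) and not accept_duplicates:
            raise DuplicateKeyID(kid.hex())         # a different key with the same ID: ask the user
        self.keys[fpr] = body
        self.by_id.setdefault(kid, []).append(fpr)
        return fpr

    def candidates(self, kid: bytes) -> list[bytes]:
        """Every key whose ID matches; a signature verifier must try each one in turn."""
        return [self.keys[f] for f in self.by_id.get(kid, [])]


def find_short_id_collision(limit: int = 1 << 20) -> tuple[bytes, bytes]:
    """Birthday-search two distinct constructed keys that share a 32-bit short key ID.
    Only the creation time varies; the RSA parameters are fixed placeholders."""
    seen: dict[bytes, bytes] = {}
    for created in range(limit):
        body = v4_public_key_body(created, RSA_ENCRYPT_OR_SIGN, 0xC0FFEE, 65537)
        kid = key_id(v4_fingerprint(body), 4)
        if kid in seen:
            return seen[kid], body
        seen[kid] = body
    raise RuntimeError("no collision found within limit")


if __name__ == "__main__":
    a, b = find_short_id_collision()
    ring = Keyring(id_octets=4)
    ring.add(a, trusted=True)
    try:
        ring.add(b, trusted=True)
    except DuplicateKeyID as dup:
        print("duplicate key ID", dup, "- adding anyway for the demo")
        ring.add(b, trusted=True, accept_duplicates=True)
    print(len(ring.candidates(key_id(v4_fingerprint(a), 4))), "keys match that ID")
```

Run as a script, it finds a short-ID collision in well under a second on commodity hardware, which is why the ring's lookup returns a list and why the fingerprint, not the ID, is the database key.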