On Sun, Sep 16, 2001 at 05:13:44PM +0100, Chris Ball wrote:
> On 16 Sep 2001 17:01:08 +0100, Matthew Byng-Maddick wrote:
> > What happens if they are two valid keys?
> The module would have to break on any ambiguity. I suspect the reason
> this isn't implemented in any OpenPGP clients (thanks for the
> correction) is that the process of obtaining a public key should have
:-)
> some authentication behind it, rather than blindly importing data that
> matches an e-mail address and encrypting to it. If there was anything to
> suggest more than one match for a mail address, I wouldn't return a key.
Ah, but the authentication is the signature chain. :-) What is, of course,
interesting is that most people signing keys check the identity of the
user, rather than whether the email address goes to them. In theory,
putting your signature on a key, you're tying the uid subpacket and the
pub subpacket together. People tend to assume that email address bits are
correct.
> > Also, I assume you know that if you're writing new software with GPG, you
> > should really be trying to get the 64bit IDs rather than the 32bit ones.
> I hadn't thought about that, or any such implementation issues. I will
> do, though. :-)
Cool. You can see them in GPG if you use the --with-colons mode.
> > What about where people have multiple email addresses ? eg, there is no
> > key for [EMAIL PROTECTED], but there is for [EMAIL PROTECTED]
> I don't see how this is an issue with the code I'm proposing. If that's
> the case, and there isn't a single user-id relating to
No, it's not really, although it might be nice if you say: these were the
addresses mentioned that I think might belong to him, find me a key with
this, and perhaps use String::Approx on the name bit to see if it matches
any of the names. (the names may also be different due to char encoding
issues. They should come out in UTF-8).
> [EMAIL PROTECTED], then the search for a keyid for that
> string fails. Where people have multiple e-mail addresses that are
> covered by the same keyid (for example, [EMAIL PROTECTED] and
> [EMAIL PROTECTED]), a search for either - as long as there are no other
> existing records for those addresses - would return the correct keyid.
Yup, sure.
> Many thanks for the mail. I'm not sure what you mean in the last quoted
> point, and this may well be my fault. If you still think I'm missing
> something, could you try rephrasing?
I was probably just rambling. :-)
MBM
--
Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/
