Hello, Bob, Karl; On Sat, Feb 02, 2019 at 12:48:55PM -0700, Bob Proulx wrote: > > Ineiev wrote: > > Currently the 'gpg_key' colunm of the 'user' table has the 'text' > > type, this means 64k character limit. Some users attempted > > to register longer GPG keys, and they were truncated. > > Longer than 64K! That seems very long to me. This feels to me > (without looking) that they must be including something more in that > key upload than they should be including. For example I have an > rsa4096 gpg key. When exported using gpg 2.2.12 the resulting ascii > armored key size is 10987 bytes. That would still comfortably fit > within the 64k text size limit.
I thought the same, but it turned out that I'm just not very sociable. for example, key 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 exports to a 84k long file because it has 125 signatures from other people; with gpg -a --export --export-options=export-minimal, it's just 5k long. Now, keyservers do store some keys with many fancy signatures, like [0], but generally signatures are useful, and we may expect that people don't keep a lot of spam signatures on their own keys in their keyrings. [0] https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0xF2AD85AC1E42B367
signature.asc
Description: Digital signature
