Heya :) On Fri, Jun 08, 2012 at 10:11:11AM +0200, Sebastian Urbach wrote: > [...] if something goes wrong > with the import. Better loose 5000 than 15000 keys. For the fun of it, I tried to parse a few weekly dumps and very often, not even GPG can successfully parse the packets, i.e. gpg --list-packets fails. Usually with "gpg: mpi too large for this implementation (56104 bits)" but there is a myriad of errors, i.e. gpg: subpacket of type 16 too short gpg: mpi larger than indicated length (517 bytes) gpg: mpi larger than indicated length (0 bytes) gpg: signature packet: unhashed data too long gpg: signature packet: hashed data too long gpg: mpi larger than indicated length (514 bytes) gpg: packet(14) too short
I usually can parse 30 to 40 out of the 206 or 207 dumps (probably containing 15k keys each). So I appreciate that the dumps will contain less keys. I wonder why that is though. Do I have I download or memory problems (on multiple machines..?)? Is that just malicious data which landed in the pool? Or is SKS better on parsing OpenPGP packets than GnuPG? Because one offending key seems to be 0x5df5c3733a6ced98 which, according to http://gpg.spline.inf.fu-berlin.de:11371/pks/lookup?search=0x5DF5C3733A6CED98&fingerprint=on&hash=on&op=vindex is successfully parsed by SKS. Same thing for 0xb51b4b095356aac8 or 0x857625223295AAB2. It appears to be keys that carry signature from 0x9710B89BCA57AD7C, the "PGP Global Directory Verification Key". Cheers, Tobi _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
