On Sat, Sep 14, 2013 at 08:46:05PM -0500, John Clizbe wrote: > As I see it, we have two related problems here, both involving the no-export > signature flag:
> 2) JimBob lsigns his own key, creating a non-exportable selfsig then delsigs > all of the exportable selfsigs. This is shooting oneself in the foot. If we > honor no-export on a selfsig, we create keys with UIDs that have no binding > signature. THIS IS VERY VERY BAD. I think the RFC folks should probably have True, but the user's OpenPGP client is the best place to allow/ disallow such behavior, or at least prompt the user to re-sign the key if they manage to totally break it as you've described. > My compromise suggestion of trying to DTRT but with minimum harm is in the > case of 1, where signing key != signed key, strip the non-exportable sig > before we import into the key store. Agreed. > In the case of 2, where signing key == signed key (lsign your own key) we have > a user either intentionally or accidentally shooting himself in the crypto > foot. We can a) hold our noses and accept the key, or b) reject the entire key > as malformed -- there is no way to honor the no-export sig flag and still have > a valid key. That, truly, sounds like a "weird corner case," which, if GPG or other OpenPGP implementations indeed allow users to create, could be handled with a small tweak to dkg's patch. That is, don't discard an lsign'd/non-exportable SELFSIG if it is the only SELFSIG. Of course, GPG would need to keep this lone lsign'd selfsig, hopefully without yet another configuration option, and SKS could still discard it in the case of a bad, but exportable, selfsig, so we should add crypto to be sure, but whatever... :) > Another possibility is that if there are earlier or later exportable > selfsig(s), just strip the errant selfsig with the no-export flag. Basically the same action for DTRT in case #1. -- Jason Harris | PGP: This _is_ PGP-signed, isn't it? jhar...@widomaker.com _|_ Got photons? (TM), (C) 2004
pgpN_5jNE6x2Q.pgp
Description: PGP signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel