problems with 0.9.5b (CVS)

Thomas Roessler roessler at guug.de
Thu Apr 15 15:01:38 CEST 1999 

I've just had a look at the current CVS versin of gnupg, and there
are a couple of problems:

- Validity calculations seem to have problems.  Consider the
  following public key (output from pgp 2.6.3in, reduced to the
  relevant parts):

pub  1280/593238E1 1996/01/19 Thomas Roessler <roessler at guug.de>
sig!*     CE6AC6C1 1998/01/05  Thomas Roessler <roessler at guug.de>
sig!      593238E1 1997/05/19  Thomas Roessler <roessler at guug.de>
                              Thomas Roessler
			      <Thomas.Roessler at Sobolev.Rhein.DE>
sig!      593238E1 1996/01/21  Thomas Roessler <roessler at guug.de>

  The key is axiomatically valid/trusted.  Nevertheless, gnupg gives
  the following validity information:

pub:u:1280:1:3E2500EF593238E1:1996-01-19::3017:-:Thomas Roessler <roessler at guug.de>:
uid:q::::::::Thomas Roessler <Thomas.Roessler at Sobolev.Rhein.DE>:

  That is, undefined validity.  My guess is that gnupg _always_
  ignores self-signatures for validity computations.  This is ok,
  except in the case of our own keys.

- GnuPG still requires a self-signature when it should add a key to
  the public key ring.  This breaks the key pair concept introduced
  by the IN Certification Hierarchy: PGP 2.6.3in has usage
  restrictions which are put into the key's user ID.  Many people
  generate _two_ public keys, a signing and an encryption key, the
  encryption key's user ID signed with the corresponding signing
  key, BUT NOT SELF-SIGNED.

  The idea behind this is roughly similar to OpenPGP's key/subkey
  concept.  (The implementation is flawed, but that doesn't really
  matter here - the keys are out there.)

  Example:

pub  1535/E013E2A9 1999/01/08 Hanno Wagner (Rince) <rince at xlink.net> (SIGN,EXPIRE:1999-12-31)
           Expire: 1999/12/31 SIGNature only
sig!*     CE6AC6C1 1999/01/25  Thomas Roessler <roessler at guug.de>
sig!*     42F948E9 1999/01/22  Hanno Wagner (Rince) <wagner at fitug.de> (SIGN,EXPIRE:1999-12-31)
sig!      E013E2A9 1999/01/08  Hanno Wagner (Rince) <rince at xlink.net> (SIGN,EXPIRE:1999-12-31)
pub  1535/34469C01 1999/01/08 Hanno Wagner (Rince) <rince at xlink.net> (ENCR,EXPIRE:1999-12-31)
           Expire: 1999/12/31 ENCRyption only
sig!*     CE6AC6C1 1999/01/25  Thomas Roessler <roessler at guug.de>
sig!*     42F948E9 1999/01/22  Hanno Wagner (Rince) <wagner at fitug.de> (SIGN,EXPIRE:1999-12-31)
sig!      E013E2A9 1999/01/08  Hanno Wagner (Rince) <rince at xlink.net> (SIGN,EXPIRE:1999-12-31)
  
  Bottom line: Due to the lack of a self signature under the
  encryption key, gnupg refuses to import it into the public key
  ring, making secure communications with many users of PGP 2.6.3in
  unusable.

  gnupg should at least have an _option_ to enable the import of
  keys which have only non-self-signed user IDs.  

tlr  
-- 
http://home.pages.de/~roessler/

More information about the Gnupg-devel mailing list