multiple copies of the self-signature on the key
David Shaw
dshaw at jabberwocky.com
Fri Jun 16 14:11:18 CEST 2006
On Fri, Jun 16, 2006 at 12:09:08PM +0200, Janusz A. Urbanowicz wrote:
> On Wed, Jun 14, 2006 at 08:24:17AM -0400, David Shaw wrote:
> > On Wed, Jun 14, 2006 at 02:20:20PM +0200, Janusz A. Urbanowicz wrote:
> > > On Wed, Jun 14, 2006 at 08:05:22AM -0400, David Shaw wrote:
> > > > On Wed, Jun 14, 2006 at 12:29:03PM +0200, Janusz A. Urbanowicz wrote:
> > > > > Hi, I am under an impression I reported that some time (~2 years) ago:
> > > > >
> > > > > I have a setup where I send (and update) my pubkey to remote amchines
> > > > > by downloading it from the keyserver network. Over time, preferences
> > > > > are updated, subkeys are crosscertified. And new and new
> > > > > self-signatures deposite on the key with old not being flushed. What
> > > > > can I do with that?
> > > >
> > > > You can't stop the keyservers from storing all copies of your
> > > > selfsig. They have no crypto support so have no way to tell which (if
> > > > any) is the "right" one to keep.
> > >
> > > the latest one by timestamp?
> > >
> > > just a thought
> >
> > Without crypto support, how is the keyserver to know that the nice new
> > signature with a later timestamp is in fact a real signature and not
> > garbage? It would be a perfect denial-of-service attack to upload
> > bogus selfsignatures and then sit back and watch the keyserver erase
> > parts of the key.
> >
> > GPG can do this because it can actually verify the signatures and
> > check. Keyservers are just storage and cannot verify.
>
> So, why GPG doesn't do this on import? AFAIR PGP 2 did this automatically.
PGP 2 didn't store anything useful in the self-signature, so there
were never more than one unless someone intentionally forced one to be
there.
In any event, GPG can do this on import, but it is optional. If you
want it:
keyserver-options import-clean
David
More information about the Gnupg-devel
mailing list