Vandalizing keyserver UID's

David Shaw dshaw at jabberwocky.com
Fri Apr 25 18:06:42 CEST 2008


On Thu, Apr 24, 2008 at 08:52:12PM -0700, David Stults wrote:
>
> Greetings,
>
> This evening I've been working on stamping old public keys (long since lost 
> the secret key) with a bogus UID to inspire people to avoid trying to use 
> them.  I'm curious as to how I can tell the UID is fake.  For example, here 
> is the GPG output of --list-keys for one of the keys I branded:
>
> pub   1024D/DF71515D 2000-02-21
> uid                  David Stults <dstults at integratelecom.com>
> sig          DF71515D 2000-02-21  David Stults  <dstults at integratelecom.com>
> uid                  DO NOT USE THIS KEY!
> sig          DF71515D 2000-02-21  David Stults  <dstults at integratelecom.com>
> sub   2048g/78B9A888 2000-02-21
> sig          DF71515D 2000-02-21  David Stults  <dstults at integratelecom.com>
>
> That seems to imply that even the bogus UID (the second one, as you may 
> have guessed ;-)) is in fact signed.
>
> The keyserver displays it differently, but seems to make the same 
> assertion:
>
> uid DO NOT USE THIS KEY!
> sig  sig   DF71515D 2000-02-21 __________ __________ [selfsig]
>
> uid David Stults <dstults at integratelecom.com>
> sig  sig   DF71515D 2000-02-21 __________ __________ [selfsig]
>
> sub  2048g/78B9A888 2000-02-21
> sig sbind  DF71515D 2000-02-21 __________ __________ []
>
> Forgive me I've just been obtuse.  It isn't making sense to me, and I'd 
> like it to.  I want to be able to look at a public key and determine if any 
> bogus UID's have been added to it.  The only thing I've noticed is that my 
> newer keys say "sig 3", while the older ones don't have a certification 
> level given.

The problem is that you aren't asking GPG to check that signature,
just dump the whole key.  Note what happens when you do '--check-sigs'
instead of '--list-sigs'.  GPG won't use that user ID for anything, as
it is not certified.  In fact, GPG won't even import the unsigned UID
unless you specifically tell it to.

Current keyservers don't have crypto at all (they're pure storage) so
they never check signatures.

David
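The check described in the reply, as an added example that is not part of the original mail or of GnuPG itself: rather than eyeballing `--check-sigs` output, parse the machine-readable form (`gpg --with-colons --check-sigs KEYID`) and list every user ID that carries no good self-signature from the primary key. It assumes GnuPG's colon record format as documented in doc/DETAILS (field 1 record type, field 2 signature validity with `!` good and `-` bad, field 5 key ID, field 10 user ID, field 11 signature class) and a 16-hex-digit long key ID; the sample output, key IDs and UID hashes below are constructed placeholders, not the real key from the thread.

```python
"""Flag user IDs on an OpenPGP key that lack a good self-signature.

Added example, not code from the original mail or from GnuPG. Assumes the
colon-separated output of `gpg --with-colons --check-sigs KEYID` as described
in GnuPG's doc/DETAILS.
"""
import re
import subprocess
from typing import Dict, List, Tuple


def unescape_uid(raw: str) -> str:
    """Undo gpg's C-style quoting of colon-format fields ('\\x3a' -> ':')."""
    return re.sub(r"\\x([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), raw)


def parse_check_sigs(text: str) -> Tuple[str, List[dict]]:
    """Return (primary key ID, [{'uid': ..., 'sigs': [(rectype, validity, signer)]}]).

    Only signatures that follow a 'uid' record are collected; signatures after
    'sub'/'ssb' records are subkey bindings (class 0x18) and are skipped.
    """
    primary = ""
    uids: List[dict] = []
    current = None
    for line in text.splitlines():
        f = line.split(":")
        rec = f[0]
        if rec == "pub" and len(f) > 4:
            primary = f[4]
            current = None
        elif rec == "uid" and len(f) > 9:
            current = {"uid": unescape_uid(f[9]), "sigs": []}
            uids.append(current)
        elif rec in ("sub", "ssb"):
            current = None
        elif rec in ("sig", "rev") and current is not None and len(f) > 4:
            # f[1]: '!' good, '-' bad, '?' no key to verify with, '%' other error
            current["sigs"].append((rec, f[1], f[4]))
    return primary, uids


def classify_uids(text: str) -> Dict[str, str]:
    """Map each user ID to 'self-signed', 'revoked', 'bad self-signature' or 'no self-signature'."""
    primary, uids = parse_check_sigs(text)
    status: Dict[str, str] = {}
    for entry in uids:
        self_sigs = [s for s in entry["sigs"] if s[2] == primary]
        good = [rec for rec, val, _ in self_sigs if val == "!"]
        if good:
            # The last good self-signature decides: a good 'rev' record after
            # the certification means the key owner revoked this user ID.
            status[entry["uid"]] = "revoked" if good[-1] == "rev" else "self-signed"
        elif any(val == "-" for _, val, _ in self_sigs):
            status[entry["uid"]] = "bad self-signature"
        else:
            status[entry["uid"]] = "no self-signature"
    return status


def bogus_uids(text: str) -> List[str]:
    """User IDs gpg will not use: anything without a good self-signature."""
    return [uid for uid, st in classify_uids(text).items() if st != "self-signed"]


def check_key(keyid: str) -> Dict[str, str]:
    """Run gpg against the local keyring (needs gpg installed; not used by the sample)."""
    out = subprocess.run(["gpg", "--with-colons", "--check-sigs", keyid],
                         capture_output=True, text=True, check=False).stdout
    return classify_uids(out)


# Constructed sample in the shape of `gpg --with-colons --check-sigs` output.
# Key IDs and UID hashes are placeholders; the second UID carries a signature
# that fails verification, the third carries none at all.
SAMPLE = """\
tru::1:1209000000:0:3:1:5
pub:-:1024:17:0000000000000000:2000-02-21:::-:::scESC::
uid:-::::2000-02-21::0000000000000000000000000000000000000000::David Stults <dstults at integratelecom.com>::
sig:!::17:0000000000000000:2000-02-21::::David Stults <dstults at integratelecom.com>:13x:
uid:-::::2008-04-24::1111111111111111111111111111111111111111::DO NOT USE THIS KEY!::
sig:-::17:0000000000000000:2000-02-21::::David Stults <dstults at integratelecom.com>:13x:
uid:-::::2008-04-24::2222222222222222222222222222222222222222::Vandalized\\x3a no signature at all::
sub:-:2048:16:1111111111111111:2000-02-21::::::e::
sig:!::17:0000000000000000:2000-02-21::::David Stults <dstults at integratelecom.com>:18x:
"""

if __name__ == "__main__":
    for uid, st in classify_uids(SAMPLE).items():
        print(f"{st:20s} {uid}")
```

Run against a real key with `check_key("DF71515D")` once the key is in the local keyring. Note that `--check-sigs` only verifies signatures against keys it has, which is why the self-signature is the one to look at: the primary key is always present when the key itself is, so a self-signature that is missing or fails to verify cannot be blamed on a key gpg lacks.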



More information about the Gnupg-users mailing list