gpg > addphoto
Stefan Claas
sac at 300baud.de
Thu Jan 10 15:56:43 CET 2019
On Wed, 9 Jan 2019 23:13:33 +0000, Damien Goutte-Gattat wrote:
> On Wed, Jan 09, 2019 at 11:29:06PM +0100, dirk1980ac via Gnupg-users wrote:
> > > I only wanted to know why such a large image size in the first
> > > place was chosen, when GnuPG suggest a much much smaller
> > > size. :-)
> >
> > I think the 16M are from times, where RAM was nbot measured in GB.
>
> Not quite. If you look at the code’s history, you’ll find that the 16MB
> limit is actually from 2014 [1]. There was no limitation on the size of
> user attribute packets before that.
Thanks for the info!
> It is wise to be careful when you abruptly introduce a limitation that
> did not exist before; 16MB was chosen because it is big enough to avoid
> breaking any existing key with a legitimate user attribute packet, while
> still preventing DoS attempts with deliberately oversized packets.
Have you or anybody else seen such a large and legitimate attribute
packet, also one from before 2014? I really would like to see such a
key to get a better understanding.
Regards
Stefan
More information about the Gnupg-users
mailing list