gpg > addphoto

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Sat Jan 12 05:59:47 CET 2019


Hi Stefan.

Am Donnerstag, den 10.01.2019, 19:33 +0100 schrieb Stefan Claas:
> On Thu, 10 Jan 2019 18:38:36 +0100, 
> dirk.gottschalk1980 at googlemail.com wrote:

> Hi Dirk,

> > Am Donnerstag, den 10.01.2019, 16:23 +0100 schrieb Stefan Claas:
> > And this prevents also prevents an unintended DoS which means a
> > very big key by mistake. It's okay to allow the generation of
> > everything a user wants, especially in open source software where
> > everybody can change the values. A hard limit would make no sense
> > at all.

> Just wondering, have you ever used other (more modern) open source
> crypto software, which have hard limits and still get's the job done?

Yes, there sure is, but, as long as the tool is open source and anybody
who wants to change the limit to his own, such limits are useless.

Regarding to this, the Parameter is applied to avoid reading  larger
Packets than 16M for importing and so on, on the client side. So, if a
'bad guy' alters his version of GPG in a way to create such abusive
keys, the other users with an unaltered version should not get into
trouble with such a key.

Okay, it's quite possible to set this read limit down to, let's say,
8M, but I think 16M is a good limit to avoid hanging and other side
effects with a way to large key.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac





More information about the Gnupg-users mailing list