Mailing List Archive

On Mon 2019-07-01 18:57:03 +0200, Werner Koch via Gnupg-devel wrote:
> into gpg.conf to skip all key-signatures at an early import stage. This
> will go into 2.2.17. We track this problem at https://dev.gnupg.org/T4591

Thanks for taking the time to work on this, Werner. I don't think this
is an appropriate fix, though.

As I've commented on T4591,

If i am going to tell anyone "hey, do this weird thing differently in
order to fetch my key", i will tell them "pull it from
https://dkg.fifthhorseman.net/dkg-openpgp.key". I will never tell
anyone to use import-self-sigs-only.

Not only that, but the current implementation of import-self-sigs-only
also does not appear to be robust against a malicious certificate
flood given SKS's lack of cryptographic validation. Adding a new
option to an already-crowded space is not the right solution. The
right solution is for gpg to be more defensive about the OpenPGP
packets it receives, regardless of who it receives them from.

Regards,

--dkg

Hi!

Here is another patch on top of the two I posted yesterday. This one
implements a callback to the new option in the case the import failed.
No need to set the option if you can live with the time it requires for
the first time import of a flooded keyblock.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.