« July 25, 2001 | Main | July 31, 2001 »

July 27, 2001 Archives

July 27, 2001

GPG: local signatures may be exportable

When you sign a (public key, user ID) couple using a V3 RSA key, gnupg will create a V3 signature. This includes the case of local signatures. Bad enough, there is no such concept as a local V3 signature, which implies that using "lsign" with a V3 RSA key is equivalent to "sign", and produces an exportable(!) signature.

This, in turn, can lead to considerable embarrassment (and loss of reputation) of the signer, and to bad judgement by others who rely on such signatures.

This patch fixes this problem by adding a minimum version parameter to make_keysig_packet(), and makes sure that local signatures are always at least V4.

Posted by Thomas Roessler on July 27, 2001 7:55 AM | | TrackBacks (0)

Search


About July 2001

This page contains all entries posted to No Such Weblog in July 2001. They are listed from oldest to newest.

July 25, 2001 is the previous archive.

July 31, 2001 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.35