Re: [PATCH] Add SIG_SUBPACKET as a known_keyword.

To: "mail.twerner@googlemail.com" <mail.twerner@googlemail.com>, "Jeremy T. Bouse" <jbouse@debian.org>
Cc: "debian-dak@lists.debian.org" <debian-dak@lists.debian.org>
Subject: Re: [PATCH] Add SIG_SUBPACKET as a known_keyword.
From: "Jeremy Bouse" <jeremy.bouse@undergrid.net>
Date: Tue, 20 Apr 2010 18:28:54 -0400
Message-id: <[🔎] 201004202229.o3KMSxR5003816@mail41.atl.registeredsite.com>
Reply-to: "Jeremy Bouse" <jeremy.bouse@undergrid.net>
In-reply-to: <[🔎] u2na90bfcf1004201506j5ccd778aubbd43024a1ddd109@mail.gmail.com>

I can work on adding that enhancement to the patch and resubmit. As soon as I'm back online at home I'll start looking into it.

-- Sent from my Palm Pre

On Apr 20, 2010 18:07, Torsten Werner <twerner@debian.org> wrote:

Hi Jeremy,

we have evaluated your patch again and found some issues:
<http://tools.ietf.org/html/rfc4880#section-5.2.3> explains:

An implementation SHOULD ignore any subpacket of a type that it does
not recognize.

Bit 7 of the subpacket type is the "critical" bit. If set, it
denotes that the subpacket is one that is critical for the evaluator
of the signature to recognize. If a subpacket is encountered that is
marked critical but is unknown to the evaluating software, the
evaluator SHOULD consider the signature to be in error.

Your patch should be enhanced to reject signatures with subpackets
that have the 'critical' bit 7 set. All other subpackets can be
ignored. Do you want to work on that?

Cheers,
Torsten

Reply to:

References:
- Re: [PATCH] Add SIG_SUBPACKET as a known_keyword.
  - From: Torsten Werner <twerner@debian.org>

Prev by Date: Re: [PATCH] Add SIG_SUBPACKET as a known_keyword.
Next by Date: [PATCH] Handle non-critical SIG_SUBPACKET per RFC4880
Previous by thread: Re: [PATCH] Add SIG_SUBPACKET as a known_keyword.
Next by thread: [PATCH] Handle non-critical SIG_SUBPACKET per RFC4880
Index(es):
- Date
- Thread