diff options
Diffstat (limited to 'pipermail/pycrypto/2010q2/000248.html')
-rw-r--r-- | pipermail/pycrypto/2010q2/000248.html | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/pipermail/pycrypto/2010q2/000248.html b/pipermail/pycrypto/2010q2/000248.html new file mode 100644 index 0000000..2770b8f --- /dev/null +++ b/pipermail/pycrypto/2010q2/000248.html @@ -0,0 +1,125 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [pycrypto] Help parsing OpenPGP packets and pubkey "normalization" + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Help%20parsing%20OpenPGP%20packets%20and%20pubkey%20%22normalization%22&In-Reply-To="> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000247.html"> + <LINK REL="Next" HREF="000260.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[pycrypto] Help parsing OpenPGP packets and pubkey "normalization"</H1> + <B>Jesus Cea</B> + <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Help%20parsing%20OpenPGP%20packets%20and%20pubkey%20%22normalization%22&In-Reply-To=" + TITLE="[pycrypto] Help parsing OpenPGP packets and pubkey "normalization"">jcea at jcea.es + </A><BR> + <I>Thu May 20 12:06:39 CST 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000247.html">[pycrypto] SHA-224, SHA-384 and SHA-512 Implementations +</A></li> + <LI>Next message: <A HREF="000260.html">[pycrypto] [Sks-devel] Help parsing OpenPGP packets and pubkey "normalization" +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#248">[ date ]</a> + <a href="thread.html#248">[ thread ]</a> + <a href="subject.html#248">[ subject ]</a> + <a href="author.html#248">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +Hi, everybody. + +I am designing (very preliminary yet) a new PGP keyserver to replace the +SKS (<A HREF="http://minskyprimus.net/sks/">http://minskyprimus.net/sks/</A>), written in python. The +syncronization algorithm will be merkle/hash trees +(<A HREF="http://en.wikipedia.org/wiki/Hash_tree">http://en.wikipedia.org/wiki/Hash_tree</A>). I am developing the merge tree +library just now, that I will release as a standalone library thru Pypi +in a couple of weeks or so. This lib has a lot of value by itself. + +The issue that bugs me now is pubkey normalization. + +That is, a pubkey in the keyserver network can be updated in two +different servers with two new signatures: + +Server 1: pubkey+sign1 + +Server 2: pubkey+sign2 + +After the sync is done, all the network MUST have the very exact key, +let say: + +Server 1: pubkey+sign1+sign2 + +Server 2: pubkey+sign1+sign2 + +For server 1, new sign is an (easy) append, but server 2 needs to +reorder the openpgp packets inside the pubkey. + +This is not trivial. You can parse the pubkey bundle, extract the packet +and sort them in lexicographic order, for instance, paying attention to +hierachical considerations. + +I need to "normalize" the key to ensure that "HASH(pubkey bundle)" is +the same everywhere, because that is what is feeded to the hasntree to +syncronize. + +How does SKS solve this issue?. + +Is there any "good" OpenPGP management library for Python?. + +PS: I could store the pubkey subpackets as individual objects in the +database, skipping the normalization, but performance would suffer (more +IOPs to disk) and I must parse the OpenPGP pubkey anyway. + +- -- +Jesus Cea Avion _/_/ _/_/_/ _/_/_/ +<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">jcea at jcea.es</A> - <A HREF="http://www.jcea.es/">http://www.jcea.es/</A> _/_/ _/_/ _/_/ _/_/ _/_/ +jabber / xmpp:<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">jcea at jabber.org</A> _/_/ _/_/ _/_/_/_/_/ +. _/_/ _/_/ _/_/ _/_/ _/_/ +"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ +"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ +"El amor es poner tu felicidad en la felicidad de otro" - Leibniz +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.10 (GNU/Linux) +Comment: Using GnuPG with Mozilla - <A HREF="http://enigmail.mozdev.org/">http://enigmail.mozdev.org/</A> + +iQCVAwUBS/V6Lplgi5GaxT1NAQLcWwP+NkTt14tmg3QSyqcD+ojHa0GO005tyGbf +emlq1ruitbNjUzDM5qNqi1Qg+LjQKXuz4R1a0MtffoLK7MIDg2GV05+FD9Dh9UKr +LQhrwpmVLRnToeCdZP00P1+EqBL/fmyWnObyBqBagvqbh7aYGJY4IpfikN8rtcPR +bfMv5JmJYFg= +=o+Ah +-----END PGP SIGNATURE----- +</PRE> + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000247.html">[pycrypto] SHA-224, SHA-384 and SHA-512 Implementations +</A></li> + <LI>Next message: <A HREF="000260.html">[pycrypto] [Sks-devel] Help parsing OpenPGP packets and pubkey "normalization" +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#248">[ date ]</a> + <a href="thread.html#248">[ thread ]</a> + <a href="subject.html#248">[ subject ]</a> + <a href="author.html#248">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto +mailing list</a><br> +</body></html> |