On Wed, 9 Jan 2019 23:13:33 +0000, Damien Goutte-Gattat wrote: > On Wed, Jan 09, 2019 at 11:29:06PM +0100, dirk1980ac via Gnupg-users wrote: > > > I only wanted to know why such a large image size in the first > > > place was chosen, when GnuPG suggest a much much smaller > > > size. :-) > > > > I think the 16M are from times, where RAM was nbot measured in GB. > > Not quite. If you look at the code’s history, you’ll find that the 16MB > limit is actually from 2014 [1]. There was no limitation on the size of > user attribute packets before that.
Thanks for the info! > It is wise to be careful when you abruptly introduce a limitation that > did not exist before; 16MB was chosen because it is big enough to avoid > breaking any existing key with a legitimate user attribute packet, while > still preventing DoS attempts with deliberately oversized packets. Have you or anybody else seen such a large and legitimate attribute packet, also one from before 2014? I really would like to see such a key to get a better understanding. Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users