[ adding the upstream sks-devel mailing list to this thread]
over on https://bugs.debian.org/823394, Joost wrote:
On Wed 2016-05-04 04:44:06 -0400, Joost van Baal-Ilić wrote:
> This query http://pgp.surfnet.nl/pks/lookup?search=satoshi&op=index gives
>
> Error handling request
> Error handling request. Exception raised.
>
> . It should of course either return "Search results for 'satoshi'" with a list
> of keys, or return "No results found No results found: No keys found". I
> suspect there _is_ a matching key; and I suspect sks in some way chokes on
> that
> key. Similar behaviour can be found at other sks keyservers (like e.g.
> pgp.mit.edu).
>
> FWIW, this bug looks a bit similar to https://bugs.debian.org/683328 .
>
> I can do _some_ debugging; but only on request and with some handholding. I
> have no ocaml skills.
This is what's happening on the backend:
: 2016-05-06 16:38:58 Error handling request
(GET,/pks/lookup?search=satoshi&op=index,[
: accept:*/*
: accept-encoding:identity
: connection:close
: host:localhost:11371
: user-agent:Wget/1.17.1 (linux-gnu)]): Invalid_argument("Too many responses")
it's not clear to me what the correct response should be for an sks
server in this case. any ideas? if a flood of matching User IDs make
it impossible to search for a user id, isn't that a DoS vector?
--dkg
signature.asc
Description: PGP signature
