On Sun, Jul 15, 2018 at 06:28:24PM +1000, Haw Loeung wrote: > I don't think these patches should land in SKS. It's to work around > one key and doesn't scale very well. Instead, I think more work should > be done adding the ability to not accept and send keys of a certain > size as well as options to exclude specific list of keys. I'm not sure > if there's another mailing list used by SKS developers to discuss > this.
Thanks, I see the patches hard code key id, so I think it shouldn't land in upstream too. > > If you're interested in the patches, you should be able to download > the *.debian.tar.xz file from the link below: > > | > https://launchpad.net/~canonical-sysadmins/+archive/ubuntu/sks-public/+packages > > Extract that and the series of patches to-date are: > > | 0012-poison-key.patch > | poison-key-id-update > | 0014-poison-key-output-fix > | 0091-pjdc-compare-short-keyid.patch > I don't know ocaml, but these patches are in a mess, shouldn't it be simplified to, diff --git a/keydb.ml b/keydb.ml index 949a1f4..7ff976a 100644 --- a/keydb.ml +++ b/keydb.ml @@ -1166,6 +1166,11 @@ struct try if has_hash hash then [] else let keyid = Fingerprint.keyid_from_key ~short:true key in + let keyid_long = Fingerprint.keyid_to_string ~short:false (Fingerprint.keyid_from_key ~short:false key) in + + (* Blacklist poison key - RT#112669 *) + plerror 4 "considering keyid %s" keyid_long; + if List.mem keyid_long ["E41ED3A107A7DBC7"] then [] else let potential_merges = List.filter ~f:(fun x -> x <> key) (get_by_short_keyid keyid) in -- Best regards, Shengjing Zhu
signature.asc
Description: PGP signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
