GPG
This patch (signature) for GPG 1.0.6 enables the printing of fingerprints for revoked keys when using the normal --with-fingerprint switch to display the contents of a keyring file. For GPG 1.0.7 and 1.2.0, change "print_fingerprint( pk, NULL )" to "print_fingerprint( pk, NULL, 0 )" in the patch file.
pad (encryption utility)
My followup to FreeBSD PR ports/27323 has a PGP-signed patch for the FreeBSD port of pad 1.0.4. FreeBSD PR ports/32810 is the new PR that I was advised to open so it could be assigned to the port maintainer.
pgpring (PGP keyring display utility, part of mutt)
This patch (signature) for pgpring adds fingerprint output via -f and fixes a problem with type 20 (ElGamal encrypt+sign) keys. Fingerprints are also printed for subkeys (use --with-fingerprint twice to display them in GPG). Since pgpring also ships with the keyanalyze distribution, this patch does not modify any Makefiles to link md5c.o into pgpring. If you need the MD5 modules for keyanalyze, get them from a mutt distribution. This patch was developed for mutt 1.3.24.
My first patch (signature) for pks was developed for the FreeBSD port of pks 0.9.4. It should be applied after the existing patches in the FreeBSD port, which were copied from the NetBSD port patches developed by Dave Burgess. My patch identifies itself in the pks version string as "PGP Key Server 0.9.4+patch2+JHpatch1." Enhancements in the first patch include:
- HKP (WWW) key submissions disabled by default, enabled via configuration file
- nicer formatting of long (SHA-1) fingerprints
- pksdctl usage() shows available commands/arguments
- manual page fixes
My second patch (coming soon) applies after the first patch and includes:
- version 4 RSA keys stored under correct keyid, fingerprints fixed
- type 20 (ElGamal encrypt+sign) key fingerprints fixed
- display of signature creation dates (vindex)
- display of key type after key size (e.g. 1024R or 1024D v. 1024)
- vindex output text and whitespace changed to more closely match GPG's
- display "rev" for uid. cert. revocation sigs (0x30) (vindex)
- uid cert. revocation sigs no longer replace the sigs they revoke
- user attribute (type 17, photo ID) packets are ignored
- subkeys handled properly, subkey data displayed in vindex listings, duplicated subkeys detected and merged
- compare long keyids and raw packets to disambiguate keys (allowing more keys with duplicate short keyids to be stored properly instead of being merged)
- display keyid 00000000 (a currently unknown key, v. FFFFFFFF, a known key) for unreadable (usually X.509) signatures
- key deletions continue when a userid word isn't found (pksclient)
- direct key signatures (tag 0x1F) supported, designated revoker fingerprint displayed w/link to vindex of key by short keyid
- display [selfsig] ([keybind] for subkeys) where long keyids match, flag non-selfsigned subkey binding sigs and key/subkey revocation certs.
- sort userid cert. signatures by short keyid, long keyid, timestamp, signature class, and raw packet, store all versions of all userid cert. signatures
- signatures on duplicate userids merged
- compare raw packets before reporting ignoring changed revocation signature
- BDB SHMEM size (dbenv.mp_size) tunable via PKS_SHMSIZE_MB envt. variable
- (HTML) horizontal rules between displayed keys
- (HTML) userids on signatures link to verbose indices of the signing keys
- (HTML) non-primary userids and userid cert. signatures from unavailable keys no longer display as links
- (HTML) link to biglumber.com records by full fingerprint and short keyid, e.g. my key -> my biglumber entry, when op=vindex and fingerprint=on
- (HTML) links to subkeys
- process/store UTF-8 userid strings properly
- (HTTP/HKP) generate Date:, Content-Length:, and Content-MD5: headers for most replies
- (HTTP/HKP) support HEAD requests
- (HTTP/HKP) generate ETag: headers (SHA-1 hashes) for most replies, support ETag-based cache-control via If-None-Match: request header (and switch to Content-SHA1: v. Content-MD5:)
- (HTTP/HKP) allow connection reuse for HTTP/1.1 clients
$Date: 2005/01/12 19:26:18 $