[cryptography] Duplicate primes in lots of RSA moduli

Florian Weimer fw at deneb.enyo.de
Thu Feb 16 06:42:27 EST 2012


* Werner Koch:

>> However, when a V4 key is signed, the certification signature does not
>> cover the expiration date.  The key holder (legitimate or not) can
>
> Wrong.  Look at my key:
>
>   :public key packet:
>           version 4, algo 17, created 1199118275, expires 0
>           pkey[0]: [2048 bits]
>           pkey[1]: [224 bits]
>           pkey[2]: [2046 bits]
>           pkey[3]: [2048 bits]
>   :user ID packet: "Werner Koch <wk at g10code.com>"
>   :signature packet: algo 17, keyid F2AD85AC1E42B367
>           version 4, created 1199118881, md5len 0, sigclass 0x13
>           digest algo 11, begin of digest 2a 29
>           hashed subpkt 27 len 1 (key flags: 03)
>           hashed subpkt 9 len 4 (key expires after 11y2d12h35m)
>  [...]
>           subpkt 16 len 8 (issuer key ID F2AD85AC1E42B367)
>   
> The signature packet is the certification for the key and user id.  A
> signature packet consist of subpackets which may either be hashed or
> unhashed.  Hashed subpackets are part of the signed material and thus
> can't be removed.

Isn't this a self-signature?  I was talking about third-party
signatures on the key.



More information about the cryptography mailing list