[imp] IMP, PGP, and keyservers
Michael M Slusarz
slusarz@bigworm.colorado.edu
Wed, 2 Oct 2002 17:54:33 -0600
Quoting Chuck Hagenbuch <chuck@horde.org>:
| Quoting Jeff Tucker <jefft@wciatl.com>:
|
| > Does the current CVS of IMP-HEAD work with PGP keyservers?
|
| Sometimes; I have had some problems with it timing out.
This is a known problem - however, as of PHP 4.2.x, there is no way to
timeout execution calls so this really can't be avoided. At least I can't
figure out a way to handle this way.
It MAY be possible, instead of using the gpg binary to access the
keyserver, to directly access the keyserver using sockets. However 1) I
don't have the time write now to research the keyserver protocol and
program the socket stuff, 2) you would have to build the optional socket
stuff into PHP, and 3) the timeout stuff in PHP sockets may not be portable.
| > I emailed myself a signed message from another application. IMP says
| that
| > the signature is BAD. Using tcpdump, I can see that it is connecting to
| > the keyserver and appears to be requesting the correct key as the Keyid
| in
| > the URL is correct. IMP does not say that the key wasn't found. It says
| > that the signature is bad. I've tried using www.keyserver.net as well
| as
| > wwwkeys.pgp.net.
|
| The PGP code is relatively new; I don't have time to poke at it myself
| right
| now, and the original author has been pretty busy the last few weeks, but
| if you do have time to look into it, I'll gladly look at patches.
As chuck mentioned, my time is extremely thin right now. It would be great
if others could help with improving the code (we are looking at at *least*
a few months before I probably would have time to probe in-depth).
michael
______________________________________________
Michael Slusarz [slusarz@bigworm.colorado.edu]
The University of Colorado at Boulder