dshaw (David Shaw)
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:49 PM (115 w, 6 d)
Availability
Available

Recent Activity

Dec 15 2012

dshaw added a comment to T1446: hkps SRV lookup discards port from SRV.

Finishing things up now.

Dec 15 2012, 4:00 PM · Bug Report, gnupg
dshaw added a comment to T1447: TLS hostname selection uses insecure SRV data.

Note that this implies setting Host: properly as well

Dec 15 2012, 3:59 PM · Bug Report, gnupg

Dec 2 2012

dshaw added a comment to T1446: hkps SRV lookup discards port from SRV.

Taking

Dec 2 2012, 4:17 PM · Bug Report, gnupg
dshaw added a project to T1446: hkps SRV lookup discards port from SRV: In Progress.
Dec 2 2012, 4:17 PM · Bug Report, gnupg
dshaw claimed T1446: hkps SRV lookup discards port from SRV.
Dec 2 2012, 4:17 PM · Bug Report, gnupg

Jan 19 2012

dshaw added a comment to T1366: --min-cert-level should trigger --update-db.

I think this makes sense. It's not a hard change. Way back when, I did something similar for trust_model -
it's stored in the version record and if gpg detects that the current model does not match what is encoded in
the header, it marks the trustdb as pending_rebuild.

Jan 19 2012, 6:01 AM · Bug Report, gnupg

Dec 28 2011

dshaw closed T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead as Resolved.
Dec 28 2011, 11:22 PM · Feature Request, gnupg
dshaw added a comment to T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead.

(Understood there are no immediate plans for a release, but if/when we do have
one, the change will be ready)

Dec 28 2011, 11:18 PM · Feature Request, gnupg
dshaw reopened T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead as "Open".
Dec 28 2011, 11:18 PM · Feature Request, gnupg
dshaw closed T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead as Resolved.
Dec 28 2011, 11:17 PM · Feature Request, gnupg
dshaw added a comment to T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead.

Change committed to 1.4, 2.0, and master.

Dec 28 2011, 11:17 PM · Feature Request, gnupg
dshaw removed a project from T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead: In Progress.
Dec 28 2011, 11:17 PM · Feature Request, gnupg

Dec 15 2011

dshaw added a comment to T1331: GnuPG Photo ID JPEG format checking incorrectly requires a JFIF Header.

Ok, fixed on 1.4, 2.0, and master.

Dec 15 2011, 11:17 PM · Bug Report, gnupg
dshaw added a project to T1331: GnuPG Photo ID JPEG format checking incorrectly requires a JFIF Header: Testing.
Dec 15 2011, 11:17 PM · Bug Report, gnupg

Aug 11 2011

dshaw added a comment to T1340: gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead.

I think this is fine. I originally wrote the code to send short keyids as pksd
couldn't properly handle long keyids or fingerprints. As pksd is now dead, and
sks properly handles this, I think it is reasonable to send the longest ID
appropriate (send fingerprints if we have them, long keyids if we have them, and
short keyids if we must).

Aug 11 2011, 5:37 AM · Feature Request, gnupg

Apr 4 2011

dshaw added a comment to T1331: GnuPG Photo ID JPEG format checking incorrectly requires a JFIF Header.

I suppose if we wanted to be needlessly pedantic, RFC-4880 actually specifies
JFIF (not JPEG as a whole).

Apr 4 2011, 4:58 PM · Bug Report, gnupg

Mar 26 2010

dshaw set Version to 1.4.10 on T1207: Possible silent data loss when using GPG to pipe to a full disk.
Mar 26 2010, 12:23 AM · Bug Report, gnupg
dshaw added projects to T1207: Possible silent data loss when using GPG to pipe to a full disk: gnupg, Bug Report.
Mar 26 2010, 12:23 AM · Bug Report, gnupg

Aug 24 2009

dshaw added a comment to T1098: Better ordering of "help" output in --edit-key mode.

I had a go at doing this in sections. I used:

Aug 24 2009, 11:09 PM · Documentation, gnupg, Debian, Feature Request

Aug 12 2009

dshaw added a comment to T1055: Special characters encoding issue with LDAP keyserver..

Did 1.4. Will do 2.0 shortly, after a bit of testing.

Aug 12 2009, 5:51 AM · gnupg (gpg22), Feature Request

Aug 11 2009

dshaw added a comment to T1089: Please store requests in a cache to avoid sending out duplicate requests (mailto: interface).

If this is pursued, I suggest doing it as a subsystem external to GnuPG. GnuPG
can generate keyserver information files (via --keyserver-options
use-temp-files). An external program can gather these files and manage them
however it likes, then pass them to the keyserver helper programs when it is
ready to.

Aug 11 2009, 6:12 AM · gnupg (gpg23), gnupg, Debian, Feature Request

Jun 1 2009

dshaw added a comment to T1038: Specify and use multiple keyservers.

The internals are already set for multiple keyservers (opt.keyserver is a
strlist, etc.) I had to implement it for the auto-key-retrieve feature, which
does support multiple servers.

Jun 1 2009, 1:27 AM · gnupg (gpg21), gnupg, Debian, Feature Request

May 29 2009

dshaw added a comment to T1055: Special characters encoding issue with LDAP keyserver..

Good idea. I think an adaptation of that code will do nicely. I think what is
needed here is a pass through that code, which almost always returns UTF8, then
a pass through utf8_to_native and then native_to_utf8. This is a lot of
manipulation, but string_to_utf8 may not return UTF8 if the user ID is coded
very badly, and the LDAP server will reject anything that isn't UTF8

May 29 2009, 5:09 AM · gnupg (gpg22), Feature Request

May 28 2009

dshaw added a comment to T1061: Send "Pragma: no-cache" with HTTP-queries.

Change 5028 for 2.0.

May 28 2009, 5:39 PM · gnupg, Debian, Feature Request
dshaw closed T1061: Send "Pragma: no-cache" with HTTP-queries as Resolved.
May 28 2009, 5:39 PM · gnupg, Debian, Feature Request

May 26 2009

dshaw added a comment to T1061: Send "Pragma: no-cache" with HTTP-queries.

Change 5024 for 1.4. Will do 2.0 shortly.

May 26 2009, 3:13 PM · gnupg, Debian, Feature Request

May 22 2009

dshaw claimed T1061: Send "Pragma: no-cache" with HTTP-queries.
May 22 2009, 7:58 PM · gnupg, Debian, Feature Request
dshaw added a comment to T1061: Send "Pragma: no-cache" with HTTP-queries.

Interestingly enough, it's no longer the default in libcurl. We'll have to do
it for both the libcurl and emulation cases.

May 22 2009, 7:58 PM · gnupg, Debian, Feature Request
dshaw added a comment to T1059: EXPKEYSIG doesn't catch primary=expired, subkey=valid.

I think that if the primary key is expired, the subkeys should be treated as
expired as well. The only thing that makes the subkey valid in the first place
is the binding signature - which was issued by the expired primary key.

May 22 2009, 7:45 PM · gnupg, Debian, Bug Report
dshaw added a comment to T1060: extract signature from encrypted and signed file/message.

This is the occasionally-requested "--unwrap" command which would stop
processing after a single layer of the file. I.e. convert Enc(Sign(data)) to
Sign(data).

May 22 2009, 7:21 PM · gnupg (gpg21), gnupg, Debian, Feature Request

May 21 2009

dshaw added a comment to T1055: Special characters encoding issue with LDAP keyserver..

Ah, never mind. I found a key (ACCFFAE2) that nicely duplicates the problem.

May 21 2009, 5:16 AM · gnupg (gpg22), Feature Request

May 20 2009

dshaw added a comment to T1055: Special characters encoding issue with LDAP keyserver..

Could you attach a copy of the public key you're having a problem with to this
bug? If you don't want to reveal that key for whatever reason, could you
generate another one with the 'é' character that shows the same problem?

May 20 2009, 5:54 PM · gnupg (gpg22), Feature Request

Oct 3 2008

dshaw added a comment to T903: show-photos should be able to display the UserID's calculated validity.

Closing.

Oct 3 2008, 10:10 PM · gnupg, Feature Request
dshaw closed T903: show-photos should be able to display the UserID's calculated validity as Resolved.
Oct 3 2008, 10:10 PM · gnupg, Feature Request
dshaw added a comment to T903: show-photos should be able to display the UserID's calculated validity.

I like the idea, but I'd implement it slightly differently (nothing major -
there are a few unnecessary #includes, and I'd rather protect pct_expando in
pct_expando rather than rely on the caller to submit sane arguments).

Oct 3 2008, 9:05 PM · gnupg, Feature Request

Oct 27 2007

dshaw added a comment to T831: cURL does not work under Visa.

Looks like gpgkeys_curl.exe is being run instead of gpgkeys_hkp.exe. I'm pretty
sure this fixed it:

Oct 27 2007, 10:36 PM · Keyserver, Bug Report, gnupg, Windows 32, Windows

Jul 19 2007

dshaw closed T815: Decrypting with multifile decrypts only 1 file as Resolved.
Jul 19 2007, 4:17 PM · Bug Report, gnupg
dshaw added a comment to T815: Decrypting with multifile decrypts only 1 file.

This is already fixed.

Jul 19 2007, 4:17 PM · Bug Report, gnupg

Jul 18 2007

dshaw added a comment to T810: Configure script fails on size detection with '--enable-minimal' - 1.4.7.

Fixed for 1.4.8.

Jul 18 2007, 9:43 PM · Bug Report
dshaw closed T810: Configure script fails on size detection with '--enable-minimal' - 1.4.7 as Resolved.
Jul 18 2007, 9:43 PM · Bug Report

Jul 7 2007

dshaw added a comment to T800: When sig-keyserver-url is set and pgp[267] are used, spurious warnings are printed.

This is done. --force-v3-sigs (including --pgpX) disables all v4 sig features.

Jul 7 2007, 2:55 AM · Bug Report, gnupg
dshaw closed T800: When sig-keyserver-url is set and pgp[267] are used, spurious warnings are printed as Resolved.
Jul 7 2007, 2:55 AM · Bug Report, gnupg
dshaw added a comment to T808: recv-keys / refresh-keys loops @ 100% of CPU.

This is not a bug, though it's certainly annoying. The problem is that
pgp.mit.edu has a corrupt copy of that key. GPG can handle the corruption, but
the algorithm for de-corrupting the key is somewhat expensive, essentially
requiring each signature on a user ID to be compared to every other signature.
(n-1)^2

Jul 7 2007, 2:43 AM · Bug Report, gnupg
dshaw closed T808: recv-keys / refresh-keys loops @ 100% of CPU as Resolved.
Jul 7 2007, 2:43 AM · Bug Report, gnupg
dshaw removed a project from T808: recv-keys / refresh-keys loops @ 100% of CPU: In Progress.
Jul 7 2007, 2:43 AM · Bug Report, gnupg
dshaw claimed T808: recv-keys / refresh-keys loops @ 100% of CPU.
Jul 7 2007, 1:56 AM · Bug Report, gnupg
dshaw added a comment to T808: recv-keys / refresh-keys loops @ 100% of CPU.

Taking bug.

Jul 7 2007, 1:56 AM · Bug Report, gnupg
dshaw added a project to T808: recv-keys / refresh-keys loops @ 100% of CPU: In Progress.
Jul 7 2007, 1:56 AM · Bug Report, gnupg
dshaw added a comment to T809: Irregular plain text packet encoding.

Fixed. Looks like I missed one when I factored out the common code. Thanks!

Jul 7 2007, 1:51 AM · Bug Report, gnupg
dshaw closed T809: Irregular plain text packet encoding as Resolved.
Jul 7 2007, 1:51 AM · Bug Report, gnupg

Jun 7 2007

dshaw added a comment to T800: When sig-keyserver-url is set and pgp[267] are used, spurious warnings are printed.

I think this is good, but doesn't go far enough. I'm thinking that if
force_v3_sigs is set (either directly or via --pgpX commands), then we should
allow that to override all of policy URLs, notations, and keyserver URLs. Right
now, it only overrides expiration dates, which is inconsistent (overriding some
v4 features, but not all). I'll see what I can make for that.

Jun 7 2007, 2:54 AM · Bug Report, gnupg

Mar 7 2007

dshaw added a comment to T768: duplicate user IDs of different status.

Fixed in 1.4 (r4445). I haven't integrated the fix to 2.0 yet.

Mar 7 2007, 5:21 PM · Bug Report, gnupg, OpenPGP

Dec 14 2006

dshaw added a comment to T744: W32 filenames with spaces.

Is this just an issue of escaping the spaces? Given that the problem seems to
happen across two platforms (Win2k and Fedora Linux) that would be a reasonable
explanation.

Dec 14 2006, 2:19 AM · Not A Bug, gnupg, Bug Report
dshaw closed T742: libiconv as Resolved.
Dec 14 2006, 1:40 AM · MacOS, Bug Report, gnupg
dshaw added a comment to T742: libiconv.

I believe I have a fix in svn now. It works on my 10.4 box. It should
work on 10.3 and 10.2, but may not work on earlier versions.

Dec 14 2006, 1:40 AM · MacOS, Bug Report, gnupg

Dec 3 2006

dshaw added a comment to T422: Web page http://www.gnu.org/software/gnupg/ is very out of date.

Maybe better just to redirect to http://www.gnupg.org ?

Dec 3 2006, 5:29 AM · Bug Report, gnupg
dshaw closed T455: Feature request for passphrase typing practice mode as Resolved.
Dec 3 2006, 5:21 AM · gnupg, Feature Request
dshaw claimed T455: Feature request for passphrase typing practice mode.
Dec 3 2006, 5:21 AM · gnupg, Feature Request
dshaw added a comment to T455: Feature request for passphrase typing practice mode.

I've implemented this one as --passphrase-repeat. Users may set this to however
many repeats they feel will help them remember the passphrase. If they make an
error, GPG will start over. It defaults to 1 of course, which is the old behavior.

Dec 3 2006, 5:21 AM · gnupg, Feature Request
dshaw added projects to T737: Cancelling a passphrase entry results in a null passphrase: gnupg, Bug Report.
Dec 3 2006, 4:56 AM · Bug Report, gnupg
dshaw set Version to 2 on T737: Cancelling a passphrase entry results in a null passphrase.
Dec 3 2006, 4:56 AM · Bug Report, gnupg
dshaw updated subscribers of T737: Cancelling a passphrase entry results in a null passphrase.
Dec 3 2006, 4:56 AM · Bug Report, gnupg
dshaw closed T651: hkp query fails on some keyservers as Resolved.
Dec 3 2006, 4:16 AM · Bug Report, gnupg
dshaw added a comment to T651: hkp query fails on some keyservers.

I'm going to close this now. GPG is doing as well as it can given the vagaries
of what HKP servers return. Unfortunately, there is no readily parsable
difference between "server failure", "key not found", or even "this isn't a
keyserver at all".

Dec 3 2006, 4:16 AM · Bug Report, gnupg

Nov 6 2006

dshaw reopened T651: hkp query fails on some keyservers as "Open".
Nov 6 2006, 4:17 AM · Bug Report, gnupg
dshaw added a comment to T651: hkp query fails on some keyservers.

I'm going to have to revert this and reopen the bug for discussion. Even the
SKS servers return HTML for a genuine key-not-found response. It is
inappropriate for gpg to complain in that case

Nov 6 2006, 4:17 AM · Bug Report, gnupg

Oct 20 2006

dshaw added a comment to T651: hkp query fails on some keyservers.

Done.

Oct 20 2006, 5:40 AM · Bug Report, gnupg
dshaw closed T651: hkp query fails on some keyservers as Resolved.
Oct 20 2006, 5:40 AM · Bug Report, gnupg
dshaw added a comment to T651: hkp query fails on some keyservers.

The HTML response is only from the old pks keyservers, and there aren't any of
them left (the old keyservers were the ones that destroyed subkeys). Still,
I'll add something like this just to be sure.

Oct 20 2006, 5:33 AM · Bug Report, gnupg

Oct 6 2006

dshaw closed T701: --send-key: keyIDs are limited to 16 characters (at least with hkp servers.) as Resolved.
Oct 6 2006, 7:16 AM · Bug Report, gnupg
dshaw added a comment to T701: --send-key: keyIDs are limited to 16 characters (at least with hkp servers.).

Actually it would be best to always write the v4 fingerprint (or 16 digit keyid
for v3) and let the gpgkeys_* handle both, but so far no keyserver can actually
make use of a full fingerprint, so there is no need to do this work now.

Oct 6 2006, 7:16 AM · Bug Report, gnupg

Aug 4 2006

dshaw added a comment to T636: the keys looked up at keyservers should be in hexadecmal format.

I'm afraid I don't understand what the bug is here. The statement
"The keys which were submitted via gpg obviously lacked the 0x" is not meaningful.

Aug 4 2006, 9:48 PM · Bug Report, gnupg

Jul 27 2006

dshaw added a comment to T638: Crash if trust level is set to 0.

Is fixed.

Jul 27 2006, 10:13 PM · Bug Report, gnupg
dshaw closed T638: Crash if trust level is set to 0 as Resolved.
Jul 27 2006, 10:13 PM · Bug Report, gnupg
dshaw added a comment to T681: Crash while attempting to set the trust level to zero.

Duplicate of 638

Jul 27 2006, 10:13 PM · Bug Report, gnupg
dshaw closed T681: Crash while attempting to set the trust level to zero as Resolved.
Jul 27 2006, 10:13 PM · Bug Report, gnupg

Jul 21 2006

dshaw closed T685: If http_proxy environment variable is set but empty, should not try to use proxy as Resolved.
Jul 21 2006, 1:47 AM · Bug Report, gnupg
dshaw added a comment to T685: If http_proxy environment variable is set but empty, should not try to use proxy.

Done, thanks!

Jul 21 2006, 1:47 AM · Bug Report, gnupg

Jul 13 2006

dshaw added a comment to T681: Crash while attempting to set the trust level to zero.

Have you modified the code in some way? I can't duplicate
the failure, and can't see, given the code, how this could
even be possible.

Jul 13 2006, 12:51 AM · Bug Report, gnupg
dshaw added a comment to T683: gpgkeys_hkp crashes when the query contains non-ASCII UTF-8 characters.

Fixed, thanks! I also took care of a similar potential
problem in gpgkeys_ldap.c (it wasn't a problem as the
delimiter was 7-bit clean, but best to fix it anyway).

Jul 13 2006, 12:42 AM · Bug Report, gnupg
dshaw closed T683: gpgkeys_hkp crashes when the query contains non-ASCII UTF-8 characters as Resolved.
Jul 13 2006, 12:42 AM · Bug Report, gnupg

Jun 10 2006

dshaw closed T659: GPG fails to create signature subkey on smartcard as Resolved.
Jun 10 2006, 7:36 AM · Bug Report, gnupg
dshaw added a comment to T659: GPG fails to create signature subkey on smartcard.

Fixed.

Jun 10 2006, 7:36 AM · Bug Report, gnupg

Jun 6 2006

dshaw closed T665: d as Resolved.
Jun 6 2006, 8:00 AM · Bug Report, gnupg
dshaw added a comment to T665: d.

No bug here.

Jun 6 2006, 8:00 AM · Bug Report, gnupg

May 17 2006

dshaw closed T658: gnupg fails when using --homedir and --gen-key first time as Resolved.
May 17 2006, 12:46 AM · Bug Report, gnupg
dshaw added a comment to T658: gnupg fails when using --homedir and --gen-key first time.

This works correctly in 1.4.3.

May 17 2006, 12:46 AM · Bug Report, gnupg

May 8 2006

dshaw added a comment to T651: hkp query fails on some keyservers.

From: "Woody Weaver -X \(wooweave - Links Technology at Cisco\)" <wooweave@cisco.com>
To: <bug-any@bugs.gnupg.org>, <gnupg-hackers@gnupg.org>,

<gnats-admin@trithemius.gnupg.org>

Cc:
Subject: RE: gnupg/651
Date: Mon, 8 May 2006 15:32:48 -0400

May 8 2006, 11:16 PM · Bug Report, gnupg
dshaw added a comment to T651: hkp query fails on some keyservers.

This is not a bug. We do not support that keyserver over
HKP, only LDAP. It is true we used to in 1.4.2 (and in fact
you can reenable such support in 1.4.3 by building with
--enable-old-keyserver-helpers), but this required GPG to
parse the HTML response which varied slightly between
different keyservers. As new keyserver types came online,
we had to detect their own flavor of that HTML and adapt to
it - utterly unscalable. Newer keyservers either use LDAP
or (like pgp.mit.edu) use a consistent machine-readable output.

May 8 2006, 11:16 PM · Bug Report, gnupg

Apr 23 2006

dshaw closed T641: cannot verify "encrypted and signed" data as Resolved.
Apr 23 2006, 1:36 AM · Bug Report, gnupg
dshaw added a comment to T641: cannot verify "encrypted and signed" data.

Not a bug.

Apr 23 2006, 1:36 AM · Bug Report, gnupg

Apr 22 2006

dshaw added a comment to T646: NetBSD, when Curl is installed, the include fails on several files.

From: Gilbert Fernandes <gilbert.fernandes@club-internet.fr>
To: bug-any@bugs.gnupg.org
Cc:
Subject: Re: gnupg/646
Date: Sat, 22 Apr 2006 20:14:24 +0000

Apr 22 2006, 5:38 AM · Bug Report, gnupg
dshaw closed T646: NetBSD, when Curl is installed, the include fails on several files as Resolved.
Apr 22 2006, 5:38 AM · Bug Report, gnupg
dshaw added a comment to T646: NetBSD, when Curl is installed, the include fails on several files.

Fixed for 1.4.4. Just comment the #include <curl/curl.h>
out for 1.4.3.

Apr 22 2006, 5:38 AM · Bug Report, gnupg

Mar 8 2006

dshaw added a comment to T614: gpg --list-secret-keys gives different output on first and subsequent runs.

There is a false premise here. You cannot parse the output
of GnuPG as we will gleefully change it in the future and
break your script. The only way to safely use GnuPG from a
script is via the --status-xxx interface, which will not
change. See the file doc/DETAILS.

Mar 8 2006, 6:40 AM · Bug Report, gnupg
dshaw closed T614: gpg --list-secret-keys gives different output on first and subsequent runs as Resolved.
Mar 8 2006, 6:40 AM · Bug Report, gnupg
dshaw added a comment to T614: gpg --list-secret-keys gives different output on first and subsequent runs.

From: David Shaw <dshaw@jabberwocky.com>
To: John Schofield <schof@dakim.com>
Cc: bug-any@bugs.gnupg.org
Subject: Re: gnupg/614
Date: Wed, 8 Mar 2006 13:49:36 -0500

Mar 8 2006, 6:40 AM · Bug Report, gnupg

Jan 11 2006

dshaw closed T586: gpg --batch --gen-key fails as Resolved.
Jan 11 2006, 4:56 AM · Bug Report, gnupg
dshaw added a comment to T586: gpg --batch --gen-key fails.

This has already been fixed for 1.4.3

Jan 11 2006, 4:56 AM · Bug Report, gnupg
dshaw added a comment to T585: requirement of "hkp" URL scheme misguided.

hkp and http are in fact two different and incompatible
schemes. If you wish to discuss this, please take it to the
gnupg-users or gnupg-devel mailing lists.

Jan 11 2006, 4:55 AM · Bug Report, gnupg