Re: Debian Bugs information: logs for Bug#319116

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Debian Bugs information: logs for Bug#319116

Shaun Jackman
The following bug submitted by a Debian user is requesting that the
plus symbol ('+') be added as a a legal key ID character. I'd like to
see the key ID accept arbitrary text, but in particular I'd like to
see space, left angle bracket, and right angle bracket as legal
characters to support email addresses including a full name, such as
Shaun Jackman <[hidden email]>.

Cheers,
Shaun

> From: J C Lawrence <[hidden email]>
> To: Debian Bug Tracking System <[hidden email]>
> Subject: monotone: genkey fails on plus addresses
> Date: Tue, 19 Jul 2005 16:07:14 -0700
> Package: monotone
> Version: 0.20-1
> Severity: normal
>
> $ monotone --db=./monotone.db genkey "[hidden email]"
> monotone: misuse: error converting 13 UTF-8 bytes to IDNA ACE: non-LDH characte
> rs

> From: Tomas Fasth <[hidden email]>
> To: J C Lawrence <[hidden email]>,  [hidden email],
>  [hidden email]
> Subject: Re: Bug#319116: monotone: genkey fails on plus addresses
> Date: Wed, 20 Jul 2005 12:50:28 +0200
>
> Hello J C,
>
> Apperently you are not allowed to use certain characters, in your
> case '+', as key id in monotone. IDNA stands for "Internationalizing
> Domain Names in Applications" and is defined in RFC 3490. ACE stands
> for "ASCII Compatible Encoding" and LDH is an abbreviation for
> "letters, digits, hyphen". For some reason the key id is restricted
> to this definition, and '+' is therefore not a valid character in a
> key id. If you wish, you can contact the upstream authors and ask
> them to make this less restrictive.
>
> Regards
> Tomas Fasth <[hidden email]>


_______________________________________________
Monotone-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/monotone-devel
Reply | Threaded
Open this post in threaded view
|

Re: Re: Debian Bugs information: logs for Bug#319116

Richard Levitte - VMS Whacker
In message <[hidden email]> on Thu, 27 Oct 2005 11:04:09 -0600, Shaun Jackman <[hidden email]> said:

sjackman> The following bug submitted by a Debian user is requesting
sjackman> that the plus symbol ('+') be added as a a legal key ID
sjackman> character. I'd like to see the key ID accept arbitrary text,
sjackman> but in particular I'd like to see space, left angle bracket,
sjackman> and right angle bracket as legal characters to support email
sjackman> addresses including a full name, such as Shaun Jackman
sjackman> <[hidden email]>.

Hmm, it seems that the plus symbol is allowed in a bleeding edge
monotone:

: ; monotone genkey [hidden email]
monotone: generating key-pair '[hidden email]'
enter passphrase for key ID [[hidden email]]:
confirm passphrase for key ID [[hidden email]]:
monotone: storing key-pair '[hidden email]' in /home/levitte/.monotone/keys/

Actually, considering it says 13 (!) UTF-8 characters were incorrect,
I doubt the plus symbol had anything to do with it.

Cheers,
Richard

sjackman> > From: J C Lawrence <[hidden email]>
sjackman> > To: Debian Bug Tracking System <[hidden email]>
sjackman> > Subject: monotone: genkey fails on plus addresses
sjackman> > Date: Tue, 19 Jul 2005 16:07:14 -0700
sjackman> > Package: monotone
sjackman> > Version: 0.20-1
sjackman> > Severity: normal
sjackman> >
sjackman> > $ monotone --db=./monotone.db genkey "[hidden email]"
sjackman> > monotone: misuse: error converting 13 UTF-8 bytes to IDNA ACE: non-LDH characte
sjackman> > rs
sjackman>
sjackman> > From: Tomas Fasth <[hidden email]>
sjackman> > To: J C Lawrence <[hidden email]>,  [hidden email],
sjackman> >  [hidden email]
sjackman> > Subject: Re: Bug#319116: monotone: genkey fails on plus addresses
sjackman> > Date: Wed, 20 Jul 2005 12:50:28 +0200
sjackman> >
sjackman> > Hello J C,
sjackman> >
sjackman> > Apperently you are not allowed to use certain characters, in your
sjackman> > case '+', as key id in monotone. IDNA stands for "Internationalizing
sjackman> > Domain Names in Applications" and is defined in RFC 3490. ACE stands
sjackman> > for "ASCII Compatible Encoding" and LDH is an abbreviation for
sjackman> > "letters, digits, hyphen". For some reason the key id is restricted
sjackman> > to this definition, and '+' is therefore not a valid character in a
sjackman> > key id. If you wish, you can contact the upstream authors and ask
sjackman> > them to make this less restrictive.
sjackman> >
sjackman> > Regards
sjackman> > Tomas Fasth <[hidden email]>

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis


_______________________________________________
Monotone-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/monotone-devel
Reply | Threaded
Open this post in threaded view
|

Re: Re: Debian Bugs information: logs for Bug#319116

Nathaniel Smith
On Thu, Oct 27, 2005 at 07:33:20PM +0200, Richard Levitte - VMS Whacker wrote:
> Actually, considering it says 13 (!) UTF-8 characters were incorrect,
> I doubt the plus symbol had anything to do with it.
[...]
> sjackman> > $ monotone --db=./monotone.db genkey "[hidden email]"
> sjackman> > monotone: misuse: error converting 13 UTF-8 bytes to IDNA ACE: non-LDH characte

$ echo -n 'claw+monotone' | wc -c
13

The part before and after the @ are handled differently, since i18n
domain names have special mangling magic just for them.

But as noted, + was added as a legal character back in July, somewhere
around the 0.21 release (so I don't know if 0.21 had it without more
spelunking, but 0.22 and 0.23 definitely did).

BTW, I'm not, offhand, _too_ impressed by the idea of allowing
arbitrary text.  If "Bob Jones <[hidden email]>" and "Rob Jones
<[hidden email]>" are different keys, is anyone going to notice?  If
you're talking over some channel (IRC or face-to-face or whatever),
are you going to paste the whole thing to make sure to be unambiguous?
Monotone does a lot of low-profile work behind the scenes to try and
make sure informal channels like that work out to have nice security
properties without anyone having to really think about it or do
anything special, and I'm worried that allowing more free-form,
multi-part key names hurt that.

-- Nathaniel

--
Eternity is very long, especially towards the end.
  -- Woody Allen


_______________________________________________
Monotone-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/monotone-devel