guardianproject / proofmode-android

THIS REPOSITORY IS MIRROR OF: https://gitlab.com/guardianproject/proofmode/proofmode-android
https://proofmode.org
GNU General Public License v3.0

Proofmode is generating OpenPGP keys with deprecated RSA public key packets #65

Closed b1rger closed 4 years ago

b1rger commented 5 years ago

Hi, while doing some statistics on the keys on the keyservers, I stumbled upon roughly 3000 keys with the UserID noone@proofmode.witness.org. All those keys are public keys with an RSA Sign-Only Public-Key packet. According to RFC 4880 such keys should not be generated:

> There are algorithm types for RSA Sign-Only, and RSA Encrypt-Only keys. These types are deprecated. The "key flags" subpacket in a signature is a much better way to express the same idea, and generalizes it to all algorithms. An implementation SHOULD NOT create such a key, but MAY interpret it.

I think the problem is in https://github.com/guardianproject/proofmode/blob/b6662e0e2f13e95570dacba27c14c0e8d13030c1/android-libproofmode/src/main/java/org/witness/proofmode/crypto/PgpUtils.java#L210-L211 where the constants RSA_SIGN and RSA_ENCRYPT are being used instead of RSA_GENERAL.
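An added example, not part of the original comment or the project's code: a check that walks a binary (non-armored) OpenPGP packet stream and reports key packets whose algorithm ID is one of the deprecated RSA types from RFC 4880 section 9.1 (2 = Encrypt-Only, 3 = Sign-Only). The function names and the toy key bytes are constructed for illustration.

```python
# RFC 4880 section 9.1 public-key algorithm IDs; 1 is general RSA, 2 and 3 are deprecated.
DEPRECATED = {2: "RSA Encrypt-Only", 3: "RSA Sign-Only"}
KEY_TAGS = {6: "Public-Key", 14: "Public-Subkey"}

def packets(data):
    """Yield (tag, body) for each packet of a binary OpenPGP stream (RFC 4880 4.2)."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header: tag in the low 6 bits
            tag, first = hdr & 0x3F, data[i]
            i += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[i] + 192
                i += 1
            elif first == 255:
                length = int.from_bytes(data[i:i + 4], "big")
                i += 4
            else:
                raise ValueError("partial body lengths are not handled here")
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not handled here")
            length = int.from_bytes(data[i:i + (1 << ltype)], "big")
            i += 1 << ltype
        yield tag, data[i:i + length]
        i += length

def deprecated_rsa_keys(data):
    """Return (packet type, algorithm name) for every key packet using ID 2 or 3."""
    found = []
    for tag, body in packets(data):
        if tag in KEY_TAGS and len(body) >= 8:
            # v4: version, 4-byte creation time, algorithm; v2/v3 add 2 validity bytes.
            algo = body[5] if body[0] == 4 else body[7]
            if algo in DEPRECATED:
                found.append((KEY_TAGS[tag], DEPRECATED[algo]))
    return found

def toy_key(algo):  # constructed body: v4, time 0, toy 16-bit n, e = 65537
    return bytes([4, 0, 0, 0, 0, algo]) + b"\x00\x10\xc3\x51\x00\x11\x01\x00\x01"

# Constructed sample: old-format Public-Key (algo 3) + new-format Public-Subkey (algo 1).
SAMPLE = bytes([0x98, 15]) + toy_key(3) + bytes([0xCE, 15]) + toy_key(1)
```

Running `deprecated_rsa_keys` over exported key material flags only the Sign-Only primary key in the sample; the general-RSA subkey passes.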

n8fr8 commented 5 years ago

Excellent find, thanks!