Commit 061bf73a authored by Daniel Kahn Gillmor's avatar Daniel Kahn Gillmor

clean up cruft from stored keyrings

I noticed that there was some cruft in the OpenPGP keys we are
distributing.  For example, NIIBE's key (0x00B45EBD4CA7BABE) contained
multiple copies of his weird bitcoin ECC subkey.

gpg(1) has a nice import-option for curation/cleanup.  It says:

    import-export
       Run the entire import code but instead of storing the key
       to  the local keyring write it to the output.
         [ ... ]
       This  option can be used to remove all invalid parts from
       a key without the need to store it.

so i used this against all the keys in debian-keyring-gpg, like so:

    for targ in 0x* ; do
       gpg --no-keyring --batch --quiet \
           --import-options import-export --import \
           < $targ > tmp && \
       /bin/mv tmp $targ
    done

You can see what's changed with:

   GIT_EXTERNAL_DIFF=openpgp-diff git diff

where openpgp-diff looks something like:

echo  "changes to file $1"
diff -u <(pgpdump <"$2") <(pgpdump <"$5")
true

This removes ~400KB (about 1.5% by volume) of malformed misaligned, or
duplicated OpenPGP packets.
parent 6c13f1a7
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment