List:General Discussion« Previous MessageNext Message »
From:Benjamin Pflugmann Date:June 8 2002 1:30pm
Subject:Re: Storing PGP keys
View as plain text  
Hello.

On Sat 2002-06-08 at 11:00:43 +0200, savage@stripped wrote:
> What would be the best way to store PGP keys for optimal queries in MySQL
> (using search / indexes on the columns)....
> 
> text / blob??

No storage difference. TEXT/BLOB differ in whether they treat the data
case-sensitive in queries. So BLOB is the only reasonable here, IMHO.

You did not say in which format you want to handle the PGP keys.
Binary or ascii-armoured? (depends on what your application can
process best).

> Also, for a PHP & Perl based series of applications, would it be
> better to store / validate / compare these values in a database, or
> should it be better managing them via the pgp binaries?

I am not sure what you mean by validating these values in the
database, but no matter what, do not even consider to do any checks
yourself, which can be done by existing stuff. Use already-working
applications/perl-modules/whatever. Programming security-relevant
checks yourself only asks for security holes (i.e. use the PGP
binaries if you cannot find anything more appropriate).

> I'm intending to use PGP keys to establish authentication (trusts)
> from incoming email messages to register items in a database...

Did you try to find existing projects at first? Sounds like you are
re-inventing the wheel. Cannot believe this hasn't be done before.

E.g. http://freshmeat.net/projects/upgpverify/?topic_id=29%2C43 may
(or may not) contain something you can re-use.

Bye,

	Benjamin.

-- 
benjamin-mysql@stripped
Thread
Storing PGP keysChris Knipe8 Jun
  • Re: Storing PGP keysBenjamin Pflugmann8 Jun