[spam-stopper] minimum length for akismet keys and ksd_auto_check_comment

[Terra Frost]

I'd like to perform some validation of my own before sending the verify 
request and am not sure which conditions I could validate against.  Size 
seems like a reasonable one, but I'm not sure what the minimum size for 
an Akismet key is.  The Wordpress plugins' html form field has its size 
parameter equal to 12 and its maxlength parameter equal to 15.  Does 
this mean that the minimum size is 12?

Also, I have a few questions about the ksd_auto_check_comment function 
in the Wordpress plugin.  For conveniences sake, here's the code:

    global $auto_comment_approved, $ksd_api_host, $ksd_api_port;
    $comment['user_ip']    = preg_replace( '/[^0-9., ]/', '', 
$_SERVER['REMOTE_ADDR'] );
    $comment['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
    $comment['referrer']   = $_SERVER['HTTP_REFERER'];
    $comment['blog']       = get_option('home');

    $ignore = array( 'HTTP_COOKIE' );

    foreach ( $_SERVER as $key => $value )
        if ( !in_array( $key, $ignore ) )
            $comment["$key"] = $value;

    $query_string = '';
    foreach ( $comment as $key => $data )
        $query_string .= $key . '=' . urlencode( stripslashes($data) ) . 
'&';

The user-agent is going to end up in $query_string twice, it looks like 
- once as "user_agent" and once as "HTTP_USER_AGENT".  As such, why not 
just eliminate this redundancy and add HTTP_USER_AGENT to the $ignore 
list?  The same goes for referrer / HTTP_REFERER and (maybe - see my 
next question) user_ip / REMOTE_ADDR.

Finally, under what conditions is $_SERVER['REMOTE_ADDR'] going to have 
characters other than 0-9 or .?  IPv6, I guess, adds square brackets and 
colons, but not a coma or a space (or anything else, for that matter)...