-----BEGIN PGP SIGNED MESSAGE-----
From: "Werner Koch" <wk(_at_)gnupg(_dot_)org>
Another question is the format. Should we include only the public
parameters or more stuff in the MDC? A solution I would like to see
is to just hash the fingerprint of the key along with the secret
I prefer hashing the full packet (v4-style, even for any v3 packets
that use an MDC), but I could live with hashing the fingerprint. Old
v3 fingerprints are slightly flawed (in that they don't hash the MPI
sizes), but I suppose an exploit does seem unlikely here. Hashing
the whole thing just feels more consistent.
think of putting the secet parameters on a hardware token and there
might be not enough space to store the public parameters - the
But this wouldn't be an OpenPGP format. The OpenPGP secret key packet
includes the public key material. Of course, an implementation can
use its own internal key storage format (and associated protection).
When such a hardware-token transformation cuts off the public key
parameters, it can cut off the MDC (and add a new one if it sees fit).
The spec need only deal with transmission among OpenPGP implementations.
Personally, I find it unlikely that an implementation would cut off
the public key parameters at all. It would have to do so very
selectively, as many of them are necessary for private key operations
as well. It also seems to me that you'd want the card to be able to
verify past results from its own key, in which case it might want the
public parts. Lastly, it seems wise to perform consistency checks
between the public/private parts even in the presence of an MDC.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBO5Zm4WNDnIII+QUHAQHkZwgAlvxLPocVqq1y9sumbVszcSzh/0+tvvOs
3GljV627UlSEY8CnvZa2cCJEqj3W3ZcQJJODPnJg7ZYhD1BUngQi0aar7n0FaIwz
OBybBNjKoMtiQeoCiUY/TqIUuLomWSA1cT0Z0AGSDwGCwiv3UJ+q4EyxYAIQZqu2
FFD9KufBmf+w0sFXhASVkgtMj1+9NA+WIdlMiYthOFAFmwhWzC1EgvhNm4ASVhUx
6llurDAN9JhJuaCdkctYJw3zhD80gUyMzhvQb2VN0zKI1bz2PuaGnOB/OwJkifig
R7B16UDthP4sjB/CaAxUCzvH1dbuQesSCw+no/KNWeiL+kMZejQPIA==
=Sg/T
-----END PGP SIGNATURE-----