ietf-openpgp

Re: Some -15 comments

2005-11-15 19:25:12

On Tue, Nov 15, 2005 at 10:16:57AM -0800, "Hal Finney" wrote:

> example imagine a signature which says, I am not vouching for the binding
> between userid and key, but rather I am making a certain assertion about
> this userid or key.  If we don't understand this notation the correct
> thing is to ignore the signature, and that is in fact what the spec says
> should happen.

Yes, that is my understanding as well. Critical notation means that it is
essential for the correct interpretation of the signature and without
understanding the notation the signature is meaningless.

> Critical notations allow implementors to essentially extend signature
> semantics beyond the official set of signature types.  We have a protected
> namespace for proprietary extensions, and we have the ability for legacy
> applications silently to ignore unrecognized extensions.  It's a good
> feature.

I agree.

As for the subject of our discussion, I think that we all agree that the
spec for 0x80 should be stripped of the "a note from one person to another..."
bit, because one major implementation does not treat it that way.

The only disagreement seems to be whether "a note from one person to
another" should be retained as an interoperable feature or should be
delegated to a private notation namespace.

The disadvantage of the latter approach would be that various implementers
would (possibly) implement these same semantics with a host of different
notation names and won't interoperate.

Now, I can see that implementing the former using a type flag also causes
problems. Maybe it should be a common, IETF-namespace notation? Or an
entirely separate subpacket type akin to "reason for revocation"?

I am not sure. But in either case, as far as immediate modifications to the
standard text are concerned, this "a note..." part should be removed from
the definition of 0x80, because it means something that 0x80 definitely
doesn't. Whether or not to add that text someplace else is an entirely
different question.

-- 
Daniel
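
Added illustration of the rule discussed in this message (not code from the thread or from any OpenPGP implementation): a minimal parser for a notation data subpacket that ignores the signature when a critical notation is unrecognized, and reads the 0x80 notation flag only as "the value is text". The notation names and the `KNOWN_NOTATIONS` set are hypothetical, and the constructed input omits the subpacket length header.

```python
import struct

NOTATION_DATA = 20      # signature subpacket type for notation data
CRITICAL_BIT = 0x80     # high bit of the subpacket *type* octet
HUMAN_READABLE = 0x80   # first notation *flag* octet: value is text

# Hypothetical set of notation names this verifier understands.
KNOWN_NOTATIONS = {"policy-check@example.org"}

def build_notation(name, value, critical=False, human_readable=True):
    """Build type octet + notation body (constructed sample input)."""
    flags = bytes([HUMAN_READABLE if human_readable else 0, 0, 0, 0])
    n, v = name.encode(), value.encode()
    type_octet = NOTATION_DATA | (CRITICAL_BIT if critical else 0)
    return bytes([type_octet]) + flags + struct.pack(">HH", len(n), len(v)) + n + v

def parse_notation(subpacket):
    """Parse type octet + notation body; raise ValueError on malformed input."""
    if len(subpacket) < 9:
        raise ValueError("truncated notation subpacket")
    type_octet = subpacket[0]
    if type_octet & 0x7F != NOTATION_DATA:
        raise ValueError("not a notation data subpacket")
    name_len, value_len = struct.unpack(">HH", subpacket[5:9])
    if len(subpacket) != 9 + name_len + value_len:
        raise ValueError("length fields do not match subpacket size")
    return {
        "critical": bool(type_octet & CRITICAL_BIT),
        # The flag says only that the value is text, nothing about its meaning.
        "human_readable": bool(subpacket[1] & HUMAN_READABLE),
        "name": subpacket[9:9 + name_len].decode("utf-8"),
        "value": subpacket[9 + name_len:],
    }

def signature_usable(subpackets, known=KNOWN_NOTATIONS):
    """False if any critical notation is unrecognized: the signature is ignored."""
    for raw in subpackets:
        note = parse_notation(raw)
        if note["critical"] and note["name"] not in known:
            return False
    # Unknown non-critical notations are silently skipped.
    return True
```
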
