Hi everyone.
I've been combing through the working spec as I try to add support for
transferring keys into PGP format into a crypto library (the DiceKeys
seeded cryptography library) and an app that generates keys from physical
randomness (DiceKeys). This is my first time working with PGP keys and
with the spec so I have been trying to understand it with a fresh set of
eyes.
I've filed five issues based on points where I'm genuinely confused. I
haven't engaged with an IETF group for over a decade so I hope you'll
excuse me if I'm doing so incorrectly.
The issues are:
#32 <https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/32>: an
inconsistency between the number of stated optional fields (4) and actual
optional fields (3).
#33 <https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/33>: ambiguity
about whether checksums are included in a v5 length packet
#34 <https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/34>: challenges
for the reader to identify which fields changed in v5 packets
#35 <https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/35>: ambiguity
about whether packet headers are included when a secret-key packet starts
with the contents of the corresponding public-key packet.
#36 <https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/36>: confusion
about if/how one SHOULD self-sign secret keys that cannot themselves be
used to create signatures (e.g., EC DH keys)
Thanks so much,
Stuart Schechter
DiceKeys / UC Berkeley
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp