ietf-openpgp

Re: extension mechanism needed

1997-11-14 11:48:08
At 12:15 PM 11/14/97 GMT, Adam Back wrote:
   
   It would seem that these extensions should be self signed and perhaps
   attachable to userIDs so that different userIDs could be marked for
   different capabilities.  (Perhaps the client you use at your home
   email address has the FS extension, but the one at the office does
   not, etc).
   
   Comments?
   
I couldn't agree more. You got it.

The draft has spent this week with people not giving me comments. :-) We
should have it for you in a day or so.

There are two parts of the extension mechanism: a "notation" that is a tag
and value (16-bit length for each, no encoding assumed) that can be put in
any signature. This is so it can be used both for extensions and for
human-readable notes. You might, for example, put in a document signature
"read but not agreed to". The second part is a "standalone signature" which
is a signature that hashes only over its own subpacket contents. This is so
you can have signatures that encode their own extension pieces so that they
can act like SPKI certificates (or even *hold* SPKI certificates) or any
other type of advanced use.

        Jon



-----
Jon Callas                                  jon(_at_)pgp(_dot_)com
Chief Scientist                             555 Twin Dolphin Drive
Pretty Good Privacy, Inc.                   Suite 570
(415) 596-1960                              Redwood Shores, CA 94065
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
              665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)
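
Added example, not part of the original message or the draft it mentions: a strict encoder and parser for a "notation" as the message describes it, a tag and a value with a 16-bit length for each and no encoding assumed. The byte layout (both lengths first, big-endian, then tag, then value), the function names and the sample tag are assumptions made for illustration.

```python
import struct
from typing import Tuple

MAX_LEN = 0xFFFF  # largest size a 16-bit length field can express


class NotationError(ValueError):
    """Raised when a notation cannot be encoded or a blob is malformed."""


def encode_notation(tag: bytes, value: bytes) -> bytes:
    """Serialize one notation. Assumed layout: tag length, value length
    (both 16-bit big-endian), then the raw tag and value bytes."""
    if len(tag) > MAX_LEN or len(value) > MAX_LEN:
        raise NotationError("tag or value does not fit a 16-bit length")
    return struct.pack(">HH", len(tag), len(value)) + tag + value


def decode_notation(blob: bytes) -> Tuple[bytes, bytes]:
    """Parse one notation, rejecting truncated input and trailing bytes."""
    if len(blob) < 4:
        raise NotationError("truncated length header")
    tag_len, value_len = struct.unpack_from(">HH", blob, 0)
    if len(blob) != 4 + tag_len + value_len:
        raise NotationError("declared lengths do not match the data present")
    # No decoding step: the message says no encoding is assumed, so both
    # fields stay as bytes and the caller decides how to interpret them.
    return blob[4:4 + tag_len], blob[4 + tag_len:]


def is_well_formed(blob: bytes) -> bool:
    """True if blob parses as exactly one notation under the assumed layout."""
    try:
        decode_notation(blob)
    except NotationError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample: the tag name "note" is made up; the value is the
    # human-readable note quoted in the message.
    blob = encode_notation(b"note", b"read but not agreed to")
    print(blob.hex())
    print(decode_notation(blob))
    print(is_well_formed(blob[:-1]))  # truncated value is rejected
```

Because the notation sits inside signed data, a verifier should parse it only after the signature checks out and should treat any length mismatch as a failure rather than reading past the declared fields.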
