ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

More draft comments

1997-12-04 23:11:12
from [Tony Mione] [Permanent Link] 


Some more comments....hope they are helpful.

Secition 5.4:

...
        - A one-octet number describing the public key algorithm used.
        - An eight-octet number holding the key ID of the signing key.
        - A one-octet number holding a flag showing whether the signature...
...

        Why is the keyID needed? It should be present in the actual
signature packet at the end of the message (in an Issuer ID subpacket
within the actual signature packet). Isn't this a waste of space? Also,
what if you are setting up one pass signing for multiple keys? Do you need
multiple one pass signature packets if all of the other information is the
same (pk algorithm, sig type, hash alg, etc)?

Section 5.5.3:

        Why are p and q saved? My understanding was that these are not
needed should be thrown away after the keypair is generated. If the secret
key exponent is saved in addition to the public exponent, then there is no
need for these pieces of data. Or am I totally missing something?

Section 5.12, second editor's note:

...
{{Editor's note: should we put in an X.509 encapsulation packet type?}}
...

        How about a new packet type for all certificates. Internally, it
can included a certificate type (PGP Classic = 1, OpenPGP = 2, X.509 = 3,
SPKI = 4, etc.) followed by certificate-specific contents (ASN.1 crud
for X.509, s-expression for SPKI, etc).

Section 7.1:

        In each case, exactly what material is the key signing? The
signature packet says which subpackets are included in the signed material,
however, what parts of the preceding packets are hashed and signed:

        - The entire public key packet followed by the entire user-id packet?
        - The MPIs from the pk packet + user-id data?
        - only the actual key material from the pk packet + the user-id data?

Section 8:

        Ok, now I'm confused. How does this relate to the public key
packet? If this is not a packet, but rather a stored structure, then why is
it in a document on Message Formats?

Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650
mione(_at_)nbcs-ns(_dot_)rutgers(_dot_)edu                 W3: 
http://www-ns.rutgers.edu/~mione/
PGP Fingerprint : E2 25 2C CD 28 73 3C 5B  0B 91 8A 4E 22 BA FA 9F
Editorial Advisor for Digital Systems Report   ***** Important: John 17:3 *****
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: new algorithm identifier of the symmetric cryptosystem., Jon Callas
Next by Date:  Re: More draft comments, Lutz Donnerhacke
Previous by Thread:  Re: DSS lengths, Peter Gutmann
Next by Thread:  Re: More draft comments, Lutz Donnerhacke
Indexes:  [Date] [Thread] [Top] [All Lists]