ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

section 4.3

1997-12-30 04:42:52
from [William H. Geiger III] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----

Hi,

I have a question regarding the Packet Tags (aka Cipher Type Byte) in
section 4.3 [page 16].

It has 14 as subkey packet, 15 reserved, and 16 as comment packet but
accorinding to my notes the comment packet currently is 1110 (14 base 10).
Also since 0-F is 0-15 (16 digits) it would seem that the Reserved status
for type 15 needs to be removed and that the Subkey Packet type be
assigned this number. This is assuming we are keeping current CTB's as is
and reserving the 2 byte type codes for future use.

After the holidays would it be possiable to get some type of status report
to the list as far as where we are with the drafts?

There are quite a few issues that AFAIK are still unresolved yet there
seems to be little to no discussion of them:

- -- UserID Revocation
- -- Signing of Just the Key
- -- Signing of Key and multiple userID's

I also have some problems with some of the signature subpackets.

- -- Revokable

Is it really appropriate to have a signature that can not be revoked?

Also I didn't note any mechanism to inform an end user that various
preferences in the subpacket had changed. Perhaps there could be an
"update" signature subpacket. Basicly this is how it would work:

Adam self-signs his public key with all his preferences and then posts the
key to his prefered public keyserver.

Mary DL's the key and her OP software follows all of Adams preferences.

6mo latter Adam has updated his software and has new preferences.

On all messages that Adam signs there is an "update" subpacket that tells
Mary's OP software that Adam has changed his preferences and to get an
updated key.

At this time Mary need not know what changes have been made only that
there has been changes and a updated key needs to be obtained.

All that should be needed in the update subpacket is a timestamp which can
be compared to the timestamp on the self signature on the public key. 

I wouldn't mind hearing where others are in implementing the OpenPGP draft
(others are writting code arn't they <g>).

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html                 
       
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNKje7I9Co1n+aLhhAQHNqAP9F6HkjmyYhi0ymJJmF9llKF+dWYxnsNb+
Cm+GRSFpQZY5juOLUV1x6iSgNQsL/mX9dvXmfQ2CFDfMpLuL6sEmOhWMvvoaPd/f
sYI01qMB71TPLJC+inLGBskO2WZBuKC1y/6ozT5BzzNN1ZCCZY0Ul+3mnCtsV/qP
xRWHIuCrb4Y=
=WlMc
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Proposed Extensions to TLS for OpenPGP, Tom Weinstein
Next by Date:  Re: Proposed Extensions to TLS for OpenPGP, Ben Laurie
Previous by Thread:  Proposed Extensions to TLS for OpenPGP, Will Price
Next by Thread:  Re: section 4.3, Hal Finney
Indexes:  [Date] [Thread] [Top] [All Lists]