ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: proposed edit (Re: OpenPGP WG meeting minutes)

1998-02-12 13:09:34
from [Adam Back] [Permanent Link] 

Jon Callas <jon(_at_)pgp(_dot_)com> writes:

Adam Back At 12:53 AM 1/30/98 GMT, wrote:
   Would it help if some one wrote a few sentences of specific wording to
   put in there?
   
Yes, please. It is *always* better to provide a few sentences or a
paragraph, because then I don't have to guess.


[Editing note: lines prefixed with '-' indicate deletion, prefixed
with '+' indicate addition, and '!' indicate leave as is].

OK, here we go, I propose replacing signature subpacket 10 which is
currently listed as:

-           10 = additional recipient request,

with:

+           10 = reserved,

and replacing this text:

-     Additional recipient request (1 octet of class, 1 octet of algid, 
-                                   20 octets of fingerprint) (Hashed)
- 
- Key holder requests encryption to additional recipient when data is
- encrypted to this username.  If the class octet contains 0x80, then the
- key holder strongly requests that the additional recipient be added to
- an encryption.  Implementing software may treat this subpacket in any
- way it sees fit. This is found only on a self-signature.

with:

+     Reserved
+
+ This subpacket is reserved for historic reasons.  The critical bit if
+ set should be ignored for this subpacket.  This stipulation is to
+ assure interoperability.

and adding after this text:

! Bit 7 of the subpacket type is the "critical" bit.  If set, it implies
! that it is critical that the subpacket be one which is understood by
! the software.  If a subpacket is encountered which is marked critical
! but the software does not understand, the handling depends on the
! relationship between the issuing key and the key that is signed.

+ Note the critical bit should be ignored for signature subpacket 10.
+ See section 5.2.2.2.


Are there any other references which need to be fixed to tie in?



In this particular case, I don't understand the problem that we're trying
to solve, nor what the solution is.


The problem we are trying to solve is PGP Inc's ARR packet.  A
document describing the security and political problems with the ARR
subpacket can be found here:

        http://www.dcs.ex.ac.uk/~aba/cdr/

Or you consult the archives for the volumes of previous discussions,
or I am sure we go over the discussion again if required.

Adam
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  PRZ style CFB mode description preferences, Adam Back
Next by Date:  Re: Extension to packet lengths, Adam Back
Previous by Thread:  Re: proposed edit (Re: OpenPGP WG meeting minutes), Jon Callas
Next by Thread:  Re: proposed edit ARR, Lutz Donnerhacke
Indexes:  [Date] [Thread] [Top] [All Lists]