ietf-openpgp

Version 4 keystructure

1998-05-23 02:04:23

Hi!

I'm reading the Draft 03 regarding the key structures and it seems as
if the structure of version 4 keys is not exactly defined.

In 10.1 Transferable Public Keys:

   Each Subkey packet must be followed by at least one Signature
   packet, which should be of the subkey binding signature type, issued
   by the top level key.

   Subkey and Key packets may each be followed by a revocation
   Signature packet to indicate that the key is revoked.

and in 11.1. Key Structures:

           Primary-Key
              [Revocation Self Signature]
              [Direct Key Self Signature...]
               User ID [Signature ...]
              [User ID [Signature ...] ...]
              [Subkey Primary-Key-Signature ...]

   A subkey always has a single signature after it that is issued using
   the primary key to tie the two keys together. 


11.1 contradicts 10.1 because it says there is a _single_ signature after
the subkey. But in 10.1 there is _at least one_ signature.

I'm also not sure about the revocation signature; I guess the key
structure is:

           Primary-Key
              [Revocation Self Signature]
              [Direct Key Self Signature...]
               User ID [Signature ...]
              [User ID [Signature ...] ...]
              [Subkey Primary-Key-Signature ... 
                  [Subkey revocation signature] ...] 


meaning: 

1. there can be multiple Primary-Key-Signatures to a single Subkey

2. after the Primary-Key-Signatures a Subkey revocation signature can
follow.

3. This package sequence (1. and 2.) can be repeated multiple times.


Could someone correct my guess? Please note that I assume that the
subkey revocation signatures always follow the Primary-Key-Signatures and
therefore the sequence

  Subkey 
  Primary-Key-Signature
  Subkey revocation signature
  Primary-Key-Signature 

is not allowed.


Cheers, Patrick

---
 PGP-KeyID: DD934139 (pafei(_at_)rubin(_dot_)ch)    encrypt mail with PGP if possible
 more about PGP on http://www.rubin.ch/pgp/ (english and german)
 what is the web of trust? see http://www.rubin.ch/pgp/weboftrust.en.html
 The PGP web of trust:          http://www.rubin.ch/pgp/weboftrust.de.html

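The three readings discussed in the message above, written as packet-order grammars and run against the disputed sequence. This is an added example, not part of the original post or of the draft; the packet-kind names, the one-letter encoding, and the permissive reading of 10.1 are assumptions made for illustration.

```python
import re

# One letter per packet kind. These labels are this example's own shorthand.
KINDS = {
    "primary_key": "P", "key_revocation_sig": "R", "direct_key_sig": "D",
    "user_id": "U", "certification_sig": "C",
    "subkey": "S", "subkey_binding_sig": "B", "subkey_revocation_sig": "V",
}

# Shared prefix from 11.1: primary key, optional revocation, direct-key
# signatures, then one or more User IDs, each with its signatures.
HEAD = r"PR?D*(?:UC*)+"

GRAMMARS = {
    # 11.1 prose: "a single signature" after each subkey.
    "draft_11_1_single": re.compile(HEAD + r"(?:SB)*"),
    # The post's guess: one or more binding signatures, then at most one
    # subkey revocation signature, repeated per subkey.
    "post_guess": re.compile(HEAD + r"(?:SB+V?)*"),
    # Assumed permissive reading of 10.1: a binding signature first, then
    # binding or revocation signatures in any order.
    "draft_10_1_loose": re.compile(HEAD + r"(?:SB[BV]*)*"),
}

def encode(packets):
    """Turn a list of packet-kind names into the letter string."""
    return "".join(KINDS[p] for p in packets)  # KeyError on unknown kinds

def check(packets):
    """Return {grammar name: accepted?} for one packet sequence."""
    s = encode(packets)
    return {name: bool(rx.fullmatch(s)) for name, rx in GRAMMARS.items()}

# Constructed sample sequences (not taken from any real key).
KEY_START = ["primary_key", "user_id", "certification_sig"]
DISPUTED = KEY_START + ["subkey", "subkey_binding_sig",
                        "subkey_revocation_sig", "subkey_binding_sig"]
REVOKED = KEY_START + ["subkey", "subkey_binding_sig",
                       "subkey_binding_sig", "subkey_revocation_sig"]

if __name__ == "__main__":
    for label, seq in (("disputed", DISPUTED), ("revoked", REVOKED)):
        print(label, check(seq))
```

A parser that accepts only one of these grammars will reject keys that another implementation considers well formed, so the choice of reading decides interoperability as well as whether a revocation placed between binding signatures is honoured.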


  • Version 4 keystructure, Patrick Feisthammel <=