In <99May17(_dot_)201900edt(_dot_)42114(_at_)brickwall(_dot_)ceddec(_dot_)com>,
on 05/17/99
at 07:19 PM, Tom Zerucha <tzeruch(_at_)ceddec(_dot_)com> said:
I don't know about this particular signature packet or extension, but I
would hope you aren't violating any part of the existing spec with this
addition.
I had done a detailed analysis of this key for the PGP-Keyserver Operators
group this weekend (I can post here if desired). IMHO the signature looks
foobared and violates several aspects of RFC 2440. I don't mind creating a
method to convert X.509 stuff to OpenPGP, I don't even mind the X.509
certs being encapsulated in a hashed subpacket. But if we are going to do
all this the end result should be a valid OpenPGP Key that contains the
following 3 elements:
Valid OpenPGP Public Key Packet
Valid OpenPGP UserID Packet
Valid OpenPGP SelfSignature
I don't think that the X.509 packet alone should qualify as a valid
SelfSignature but instead during the conversion process a OpenPGP
SelfSignature should be generated. Of course this would require that a
corresponding OpenPGP secret key be generated during the conversion
process. Otherwise I really don't see the point of going through the
conversion process at all.
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------