ietf-openpgp

Re: V5 signatures

1999-05-28 02:22:52
On 1999-05-28 10:10:29 +0200, Werner Koch wrote:

> Because this is a conflict we really should address it with a new
> v5 signature packet.  Changes to an implementation are minimal.  And
> while we are at it, we should consider to apply some rules to the
> name part of notation data - so that we can have unique names.
> Thomas Roessler already mentioned this and proposed a SSH-like
> scheme for this.

I wouldn't confine this to V5 signatures. ;)

As for notation data naming, the suggestion is as follows.  It's
derived from what the secsh internet drafts do for "registering"
new algorithms.

------------------------------

Notation data naming

   OpenPGP "notation data" signature sub-packets traditionally consist
   of a name and a value, both of which are arbitrary, UTF-8 encoded
   strings.

   The OpenPGP standard does not define any registry for defined
   notation data names, nor does it describe safe extension mechanisms.

   The present document defines two name spaces for notation data names:
   The IETF name space and the user name space.

   Notation data names in the IETF name space consist of an arbitrary
   string of UTF-8 encoded characters, with the exception that the
   character "@" ("at") MUST NOT occur in such a name.

   XXX - describe IANA registration procedures.

   Notation data names in the user name space consist of a tag, followed
   by the "@" character, followed by a DNS domain name.  The tag may be
   an arbitrary string of UTF-8 encoded characters, with the exception
   that the character "@" MUST NOT occur in such a name.  The DNS domain
   name must be under the exclusive control of the person or entity
   which introduces the notation data name in question.

   For example, if The Example Corporation wishes to introduce sample
   notation data, the appropriate notation data name could be
   "sample@example.com".

------------------------------
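
The two-name-space rule proposed in the message above, as an added example (not part of the original message and not taken from any OpenPGP implementation): a classifier for notation data names. Rejecting an empty tag, requiring at least two DNS labels and lower-casing the domain are assumptions the draft text does not state; `preferred-hash` and the other sample names are constructed.

```python
import re

# One DNS label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def classify_notation_name(raw: bytes):
    """Return ("ietf", name, None) or ("user", tag, domain); raise ValueError."""
    try:
        name = raw.decode("utf-8")  # names are UTF-8 encoded strings
    except UnicodeDecodeError as exc:
        raise ValueError("name is not valid UTF-8") from exc
    if not name:
        raise ValueError("empty name")
    if "@" not in name:
        return ("ietf", name, None)  # IETF name space: no "@" anywhere
    tag, _, domain = name.partition("@")
    if "@" in domain:
        raise ValueError("more than one '@' in name")
    if not tag:
        raise ValueError("empty tag")  # assumption: the draft does not say
    labels = domain.split(".")
    if len(domain) > 253 or len(labels) < 2:  # two-label minimum is an assumption
        raise ValueError("not a usable DNS domain name")
    if not all(_LABEL.fullmatch(label) for label in labels):
        raise ValueError("invalid DNS label in domain")
    # DNS is case-insensitive: fold case so one owner maps to one name space.
    # Whether the domain is under the introducer's exclusive control is a
    # policy question that no syntax check can answer.
    return ("user", tag, domain.lower())


if __name__ == "__main__":
    # Constructed sample names, not taken from any real key or registry.
    samples = [b"sample@example.com", b"preferred-hash",
               b"a@b@example.com", b"sample@-bad-.com", b"\xff\xfe"]
    for raw in samples:
        try:
            print(raw, "->", classify_notation_name(raw))
        except ValueError as err:
            print(raw, "-> rejected:", err)
```
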

