ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: questions: packet tag or content tag (4.3), what is placed in hashed subpacket field (5.2.3), critical bit (5.2.3.1), default user id (5.2.3.3)

2000-05-18 21:40:30
from [hal] [Permanent Link] 
here are some more clarification questions...

-section 4.3 is titled "Packet Tags", and the term "packet tag" is used
 throughout, but strictly speaking, shouldn't that be "content tag" as
 per section 4.2?


I'll let someone else worry about that...


-section 5.2.3 describes the version 4 signature packet format.  one of the
 fields is described as:

   Hashed subpacket data. (zero or more subpackets)

 what is meant by "hashed" here?  are the contents of this field actual
 subpackets or hash(subpackets)?  i presume it is the former and that 
 "hashed" refers to the fact that the "hashed subpackets" field is included
 among the material that is hashed when a signature is computed.  


Yes.


 so "normally" the contents of the "hashed subpackets" field and the 
 "unhashed subpackets" field should be identical, correct?


No.  Some subpackets are hashed, while other ones are unhashed.  The
latter are not protected by the signature and would be considered
"advisory", like hints about where to find the signing key.  Currently
we consider signing key id to be in that category.


-section 5.2.3.1 describes the signature subpacket specification.  in
 the description of the subpacket header there is the following:

   - the subpacket type (1 octet)

 then, shortly after:

   The value of the subpacket type octet may be:

       2 = signature creation time
       ...
       100 to 110 = internal or user-defined

 however:

   Bit 7 of the subpacket type is the "critical" bit.  If set, it
   denotes that the subpacket is one that is critical for the evaluator
   of the signature to recognize.  If a subpacket is encountered that
   is marked critical but is unknown to the evaluating software, the
   evaluator SHOULD consider the signature to be in error.

 i presume this means that the legal values (2, 3, 4, 5, 6, 7, etc.) listed
 for the subpacket type octet actually refer to bits 6 through 0 of the
 octet, and not that there haven't been any "critical subpacket types" defined
 yet.  is this correct?  if so, i think alternate wording would be less
 ambiguous.


Yes, your interpretation is correct.


-section 5.2.3.3 has some notes on self-signatures.  the following text
 appears therein:

   If the key is located by key id, then algorithm of the default user id 
   of the key provides the default symmetric algorithm.

 the term "default user id" is used -- i failed to locate a definition for
 this term.  could someone point out the definition in the specification 
 or give one?


The default user id is better known as the primary user id - the user id
with a self-signature on it that includes the primary user id subpacket.

Hal
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: questions about sections 3.6.1.2 and 3.6.1.3 (was Re: question about section 3.6.1.1 simple s2k: how does preloading work?), hal
Next by Date:  Re: PGP/MIME: Time for last call?, Thomas Roessler
Previous by Thread:  Re: questions about sections 3.6.1.2 and 3.6.1.3 (was Re: question about section 3.6.1.1 simple s2k: how does preloading work?), hal
Next by Thread:  Re: questions: packet tag or content tag (4.3), what is placed in hashed subpacket field (5.2.3), critical bit (5.2.3.1), default user id (5.2.3.3), hal
Indexes:  [Date] [Thread] [Top] [All Lists]