ietf-openpgp

Re: subkey binding sigs q

2000-08-28 00:45:52
Hal,

At 01:00 AM 25/08/2000 -0700, hal(_at_)finney(_dot_)org wrote:
Erron writes:

> Does a subkey binding sig only perform the hash on the subkey (incl. 0x99,
> packet body and keys), as stated in 5.2.1 for a 0x18 signature type or:
>
> does the hashable data for a subkey binding sig mirror that as stated in 5.2.4:
>
> "A subkey signature (0x18) THEN hashes the subkey..."
>
> I'm assuming the THEN means that you hash the main key before the subkey,
> subsequently contradicting 5.2.1.

The description in 5.2.1 is really very general:

   0x18: Subkey Binding Signature
         This signature is a statement by the top-level signing key
         indicates that it owns the subkey. This signature is calculated
         directly on the subkey itself, not on any User ID or other
         packets.

This is meant to convey that the signature does not cover "siblings"
of the subkey, like other subkeys or userid packets.  The description
in 5.2.4 is correct; the hash is over the top-level key plus the subkey.

> PS: Where's the best place to insert a type 0x30 as it's not defined in
> 11.1...before the certification sig or after...or doesn't it matter?

A type 0x30 is a subkey revocation signature.  I don't think it matters
whether it goes before or after the subkey certification sig.  I think
we put it before.

> PSS: Are public and secret keyrings supposed to interoperate with other
> versions of OpenPGP?

No, OpenPGP does not specify keyring formats.

If OpenPGP does not specify keyring formats, then what is:

a) 11.2 related to?

b) A tag 12 Trust packet related to (mentions keyrings)?

Cheers.

Regards


Erron Criddle
Comasp Ltd.
Level 2, 45 Stirling Hwy
NEDLANDS  WA  6009
Australia

Fax: 08 9386 9473
Tel: 08 9386 9534

http://www.comasp.com
ejc(_at_)comasp(_dot_)com
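
The hash layout discussed in this message (top-level key first, then the subkey), as an added example that is not part of the original thread. The key bodies and subpacket data are constructed placeholders, the function names are hypothetical, and a V4 signature with SHA-256 is assumed; it also builds the subkey-only reading to show that the two produce different digests and so cannot verify each other's signatures.

```python
import hashlib
import struct

def key_block(body: bytes) -> bytes:
    """0x99, two-octet big-endian length, then the key packet body."""
    if len(body) > 0xFFFF:
        raise ValueError("key body does not fit a two-octet length")
    return b"\x99" + struct.pack(">H", len(body)) + body

def v4_hashed_fields(sig_type: int, pk_alg: int, hash_alg: int,
                     hashed_subpackets: bytes) -> bytes:
    """V4 signature fields from version through the hashed subpacket data."""
    return (bytes([4, sig_type, pk_alg, hash_alg])
            + struct.pack(">H", len(hashed_subpackets)) + hashed_subpackets)

def v4_trailer(fields: bytes) -> bytes:
    """Six-octet V4 trailer: 0x04, 0xFF, four-octet length of the fields."""
    return b"\x04\xff" + struct.pack(">I", len(fields))

def binding_hash_input(primary: bytes, subkey: bytes, fields: bytes) -> bytes:
    """Section 5.2.4 reading: top-level key first, THEN the subkey."""
    return key_block(primary) + key_block(subkey) + fields + v4_trailer(fields)

def subkey_only_hash_input(subkey: bytes, fields: bytes) -> bytes:
    """The misreading of 5.2.1: subkey hashed without the top-level key."""
    return key_block(subkey) + fields + v4_trailer(fields)

def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Constructed placeholder bodies, not real key material.
PRIMARY = b"\x04" + b"P" * 9
SUBKEY = b"\x04" + b"S" * 11
# Constructed hashed area: one signature creation time subpacket (type 2).
SUBPACKETS = b"\x05\x02" + struct.pack(">I", 967423552)
# Signature type 0x18, public-key algorithm RSA (1), hash SHA-256 (8).
FIELDS = v4_hashed_fields(0x18, 1, 8, SUBPACKETS)

if __name__ == "__main__":
    good = binding_hash_input(PRIMARY, SUBKEY, FIELDS)
    bad = subkey_only_hash_input(SUBKEY, FIELDS)
    print("5.2.4 layout :", digest(good).hex())
    print("subkey only  :", digest(bad).hex())
```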
