On Wed, 28 Mar 2001, hal(_at_)finney(_dot_)org wrote:
comes shortly before the S2K in the secret key packet. This byte is
fixed at a value of 255 to flag that an S2K is in use. We could perhaps
use some alternate value for this byte to flag that the private key is
using a different form of checksum protection.
That would be fine with me. Although GnuPG already uses the S2K for
similiar purposes.
is a signature subpacket that holds an X.509 cert. We should probably
add these to the revised draft as reserved identifiers. GPG or other
implementations may also have some reserved values.
We already have a range for experimental/private extensions (except
for the S2K. IMHO, an implementation should use these values as
long as that new feature is not in the standard or the WG has agreed
on some new values. Of course, there should be a way to distinguish
between different usages of those experimental values. For example,
GnuPG adds a string "GNU" to its private extensions to the S2K.
Ciao,
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus