ietf-openpgp

Re: Identifying revoked certificates

2001-09-06 12:47:37

On Thu, Sep 06, 2001 at 12:06:49PM -0700, Jon Callas wrote:

> Are there any comments on Michael's suggestion?
>
> Here's a sketch design:
>
> A signature subpacket called "revocation target" that contains a 1-octet
> PKalg, a 1-octet hash algorithm, and then a hash body. It denotes that a
> revocation signature is intended to revoke the signature so specified.
>
> Comments?

Is it worth adding the timestamp from the original signature to help
find it without having to look at the (larger) hashes?  On a uid with
many signatures, this could speed things up.  Once found, of course,
the hash could then be checked for confirmation.

David

-- 
David Shaw          |  Technical Lead
<dshaw(_at_)akamai(_dot_)com>  |  Enterprise Content Delivery
617-250-3028        |  Akamai Technologies
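
An added example, not part of the original message or of any OpenPGP implementation: a Python sketch of the "revocation target" body from the quoted design, with the creation-time pre-filter suggested in the reply and the hash kept as the final confirmation. The trailing 4-octet timestamp field, hashing the raw signature bytes (the sketch does not say what is hashed), and all function names and sample data are assumptions made for illustration.

```python
import hashlib
import struct

# OpenPGP algorithm IDs: hash 1 = MD5, 2 = SHA-1; public-key 17 = DSA.
HASHES = {1: hashlib.md5, 2: hashlib.sha1}

def build_target(pk_alg, hash_alg, sig_bytes, created=None):
    """PKalg octet, hash-alg octet, hash body; assumed optional 4-octet timestamp last."""
    body = bytes([pk_alg, hash_alg]) + HASHES[hash_alg](sig_bytes).digest()
    return body if created is None else body + struct.pack(">I", created)

def parse_target(body):
    """Split a subpacket body into (pk_alg, hash_alg, digest, created or None)."""
    if len(body) < 2 or body[1] not in HASHES:
        raise ValueError("truncated body or unknown hash algorithm")
    hlen = HASHES[body[1]]().digest_size
    rest = body[2:]
    if len(rest) == hlen:
        created = None
    elif len(rest) == hlen + 4:
        created = struct.unpack(">I", rest[hlen:])[0]
    else:
        raise ValueError("hash body length does not match hash algorithm")
    return body[0], body[1], rest[:hlen], created

def find_target(body, signatures):
    """Return (index of the targeted signature or None, number of hashes computed).

    signatures: list of (pk_alg, creation_time, raw_signature_bytes) on one user ID.
    """
    pk_alg, hash_alg, digest, created = parse_target(body)
    hashed = 0
    for i, (alg, ts, raw) in enumerate(signatures):
        if alg != pk_alg or (created is not None and ts != created):
            continue  # cheap filters first; the timestamp is only a hint
        hashed += 1
        if HASHES[hash_alg](raw).digest() == digest:  # the hash is the confirmation
            return i, hashed
    return None, hashed

# Constructed sample: 200 signatures on one user ID; two share a timestamp.
SIGS = [(17, 999000000 + i, b"constructed-sig-%d" % i) for i in range(200)]
SIGS[150] = (17, 999000149, b"constructed-sig-150")  # same second as SIGS[149]

if __name__ == "__main__":
    print(find_target(build_target(17, 2, SIGS[150][2]), SIGS))             # hash only
    print(find_target(build_target(17, 2, SIGS[150][2], 999000149), SIGS))  # with hint
```

Because two signatures can carry the same creation time, a timestamp match alone never identifies the target; a verifier that skipped the hash comparison would revoke whichever signature it found first.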