Hi!
I know that we are short of releasing a new RFC and bis-08 looks
really good. Due to the project I am currently working on I'd like to
suggest a small enhancement:
5.2.3.21. Key Flags
[...]
0x20 - This key may be used for authentication.
Usage notes are not necessary and it should be left to an
implementation on how to handle this key flag.
There are drafts and actual implementations to use OpenPGP keys with
TLS and ssh. Thus, having a subkey specially for this purpose seems
to be a good idea. A key with key flag 0x02 (sign data) could be used
for authentication too but this has the problem than there would be no
easy way to select the appropriate subkey for data signing or
authentication purposes. As a workaround an implementation could use
notation data but this would be implementation dependend and a kind of
hack.
What do you think?
Werner
--
Nonviolence is the greatest force at the disposal of
mankind. It is mightier than the mightiest weapon of
destruction devised by the ingenuity of man. -Gandhi