ietf-openpgp
[Top] [All Lists]

Re: PoP & Signer's User ID subpacket?

2003-06-17 09:45:05


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 17 Jun 2003 10:05:30 -0400, you wrote:


[2F17AC17]*** PGP SIGNATURE VERIFICATION ***
[2F17AC17]*** Hash: SHA1
[2F17AC17]*** Status: Signing Algorithm Not Supported
[2F17AC17]*** Signer: David M. Shaw <dshaw(_at_)jabberwocky(_dot_)com>
*** Note: Signing Key is a Sub-Key!
[2F17AC17]*** Key ID: 0xE2665C8749E1CBC9
[2F17AC17]*** Fingerprint: FC2A 0E9B 5122 7D7B 5923  2CE6 E266 5C87 49E1
CBC9 [2F17AC17]*** Signed: 6/17/2003 4:05:30 PM
[2F17AC17]*** Verified: 6/17/2003 6:55:28 PM
[2F17AC17]*** BEGIN PGP VERIFIED MESSAGE ***

<snip>

With regards to signing subkeys in general, I'd much rather fix the
problem than drop signing subkeys.  2440 defined signing subkeys years
ago, and they are already in use today (this message is signed by
one).  They are very useful in a good number of situations.  To remove
them now seems like a step backwards.

David, I don't think that signing subkeys are a good idea.
Please look at the above verification block.  Furthermore,
I had problems retrieving the signing key from the servers.
So, I grabbed all the keys out there with "David Shaw" as UID.
You probably consider me thick, but there are OpenPGP users
out there who are a lot thicker than I am.
The irony is that, you can achieve the same thing with
a signing master key if you think about it.
I am afraid that signing subkeys are going to be very
expensive to implement.  The whole of the keyserver
infrastructure needs to retro fitted to deal with them.
You are right that 2440 defined signing master keys years
ago, however, to be honest with you, this is my second
encounter with them, and I consider myself a heavy
PGP user.  TIGER192, SHA1x, & HAVAL-5-160, had more
widespread use than signing subkeys, if you ask me.
Yet, we had no qualms about dropping them.
The same should be done for signing subkeys.
The less, the simpler the better.

David

Best Regards

Imad R. Faiad
[2F17AC17]*** END PGP VERIFIED MESSAGE ***

-----BEGIN PGP SIGNATURE-----
Version: 8.0.2irf
Comment: KeyID: 0xBCC31718833F1BAD
Comment: Fingerprint: 75CD 96A7 8ABB F87E  9390 5FD7 2A88 4F45

iQEVAwUBPu9ON7zDFxiDPxutAQJOyAf+PpxUIz5qsgStFfgHFthYo1SgcjOmPtwu
EJ48Rj1P8qhvf7Mh/vh59hMwJQmnKVlG2tY2diyFTChLH4X0PODqXpRsqIp3ILVp
WtM8R4RMJPtpV6mvKfUNPSTJhHNSRuQWrtSXF6k8FS0ngnPrY3niJ9klqp8Wv8j/
7coxKOR6cRANYcRgGCfhHIzJk7ZaK7gTiDOVRAXKHnDpR+kIFqirdczJAhq7+srR
gbt9dekTPS4/08NvkWlOGk/burQoFI971/0haSyI+xGYUcMk2f+hBN5IEMt2wXAo
NoOq04qyWhyNgtAo68KZ4t+ui/YNoFN77+85WSZmrmMHp+6a4RU48A==
=AIlF
-----END PGP SIGNATURE-----