ietf-openpgp

Re: Notation packet for PGP/MIME ability

2005-01-13 06:55:58

On Thursday 13 January 2005 02:01 am, "Hal Finney" wrote:
At PGP Corporation we are planning on adding a notation packet to newly
generated keys.  It is intended to let key holders indicate whether they
can receive PGP/MIME email, or an alternate format used by PGP, or both.
<... snip ...>
An example preferred-email-encoding notation packet will have the
following fields:

    Flags: 0x80, 0x00, 0x00, 0x00

    Name: preferred-email-encoding@pgp.com

    Value: pgpmime,partitioned

This would mean that the key holder can handle both PGP/MIME and
partitioned formats, but that he prefers to receive PGP/MIME.

I think that this is a great idea.  This kind of preference support is a 
critical feature for one of the most used applications of OpenPGP.

Hal, 
You describe adding a notation packet to a *key*.  Section 5.2.3.16. "Notation 
Data" describes only notation packets on a *signature*:

  "This subpacket describes a "notation" on the signature that the
   issuer wishes to make. The notation has a name and a value, each of
   which are strings of octets. There may be more than one notation in
   a signature. Notations can be used for any extension the issuer of
   the signature cares to make."

Can you please clarify?  Is your packet on the signature, or the key?

For context, I work on the OpenPGP implementation for Squirrelmail, an open 
source mail client.  Our implementation uses GnuPG 'underneath' to do the 
encryption.  I only see support in gpg for adding/examining notation packets 
on *signature* data, not notations on *keys*.

We'll certainly implement the functionality that Hal describes, if gpg 
supports setting and extracting the notation packet required.  From what I 
can tell, this will require setting/checking the notation packet on the 
signature of the message.

I spoke up on the issues around PGP/MIME on this list several times in the 
past.  I wish that this kind of standardization would show up *in the RFC*, 
as I've previously indicated.

Hal, thanks again for the detailed message and any clarifying response.
 
Regards,

  - Brian