ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Tighter MPI spec (and on keychains)

2005-02-24 02:31:19
from [Rick van Rein] [Permanent Link] 

Hello Jon and others,

According to bis-12, the following MPI values are acceptable encodings
of decimal 17:  [00 05 11], [00 05 22], [00 05 44] and [00 05 88]
I bet this is unintentional.  I therefore propose these changes:

CHANGE
   An MPI consists of two pieces: a two-octet scalar that is the length
   of the MPI in bits followed by a string of octets that contain the
   actual integer.
INTO
   An MPI consists of two pieces: a two-octet scalar that is the length
   of the MPI in bits followed by a string of octets that contain the
   actual integer.  The second part is prefixed with (8-MPI.length) mod 8
   zero-valued bits.

CHANGE
   These octets form a big-endian number; a big-endian number can be
   made into an MPI by prefixing it with the appropriate length.
INTO
   These octets form a big-endian number; a big-endian number can be
   made into an MPI by prefixing it with the appropriate bit length.

AFTER
   The length field of an MPI describes the length starting from its
   most significant non-zero bit. Thus, the MPI [00 02 01] is not
   formed correctly. It should be [00 01 01].
APPEND
   The bits of the MPI end in the last bit of the last octet.  Thus,
   the MPI [00 05 44] is not formed correctly. It should be [00 05 11].



Another thing.  In 3.6 on Keyrings, I was confused whether it described a
message format or a storage format.  Only the former seems interesting in
the scope of this spec.  I therefore propose the following.

CHANGE
   A keyring is a collection of one or more keys in a file or database.
   Traditionally, a keyring is simply a sequential list of keys, but
   may be any suitable database. It is beyond the scope of this
   standard to discuss the details of keyrings or other databases.
INTO
   A keyring is conceptually a set of at least one public key.  To put
   a keyring in an OpenPGP message, it is represented as the concatenation
   of the keys in the ring.

Note: The original statement speaks of "one or more" keys.  I therefore
      said "at least one" but models are often complicated by treating the
      zero case differently -- could the "one or more" be strikken?  Or
      would this cause unacceptable backward compatibility problems?


Cheers,
 -Rick
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  More questions and comments on rfc2440bis-12, Ben Laurie
Next by Date:  Re: Tighter MPI spec (and on keychains), Ian G
Previous by Thread:  More questions and comments on rfc2440bis-12, Ben Laurie
Next by Thread:  Re: Tighter MPI spec (and on keychains), Ian G
Indexes:  [Date] [Thread] [Top] [All Lists]