ietf-openpgp

Re: Critical bits and notations

2005-05-20 17:18:13

On Fri, May 20, 2005 at 09:45:17AM +0100, Ben Laurie wrote:

> Werner Koch wrote:
>> On Thu, 19 May 2005 21:43:34 +0100, Ben Laurie said:
>>
>>> This whole discussion scares me. You have an extension mechanism with
>>> no registry for extensions.
>>
>> We do have a way to register extensions ([5.2.3.16. Notation Data]):
>>
>>   The IETF name space is registered with IANA. These names MUST NOT
>>   contain the "@" character (0x40) as this is a tag for the user name
>>   space.
>>
>>   Names in the user name space consist of a UTF-8 string tag followed
>>   by "@" followed by a DNS domain name. Note that the tag MUST NOT
>>   contain an "@" character. For example, the "sample" tag used by
>>   Example Corporation could be "sample@example.com".
>>
>>   Names in a user space are owned and controlled by the owners of that
>>   domain. Obviously, it's of bad form to create a new name in a DNS
>>   space that you don't own.
>>
>> Where do you see the problem?
>
> Doh! The problem lies between my chair and keyboard. Sorry.
>
> A passing comment, though - if you want domain names to be a safe
> extension mechanism, you should include a date, since they can change
> hands (without consent of the current owner, even).

It's also worth noting that the naming rules are often ignored in
practice.  A year or two ago, I pulled a keyring from one of the
keyservers and enumerated the notation names.  I'd have to dig up my
notes from then, but I seem to recall that around 85-90% of them were
the string "COMMENT".

(Since then, GnuPG has refused to create notation names without a '@'
in them).

David
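The notation-name rules quoted from section 5.2.3.16 above (no "@" in the IETF name space; "tag@domain" with a DNS domain in the user name space) and David's keyring survey both come down to a classification of the name string. The following Python is an added illustration written for this archive page; it is not GnuPG's code, not an IANA registry lookup, and the function names, the requirement that a tag be non-empty, the "at least two DNS labels" rule and the `strict_accepts` policy (modelled on the GnuPG behaviour David describes, not on its source) are assumptions. The sample names are constructed, not real keyserver data.

```python
import re
from collections import Counter

# Added illustration of the RFC notation-name rules quoted in the thread
# (section 5.2.3.16); not GnuPG's code and not an IANA registry lookup.

# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_dns_domain(domain):
    """Syntactic check for a DNS domain name (assumption: at least two labels)."""
    if not domain or len(domain) > 253:
        return False
    labels = domain.split(".")
    return len(labels) >= 2 and all(_LABEL.match(label) for label in labels)


def classify_notation_name(name):
    """Classify a notation name as ('ietf', name), ('user', (tag, domain)) or
    ('invalid', reason).  Accepts str or the raw UTF-8 bytes of the subpacket."""
    if isinstance(name, bytes):
        try:
            name = name.decode("utf-8")
        except UnicodeDecodeError:
            return ("invalid", "name is not valid UTF-8")
    if not name:
        return ("invalid", "empty name")
    at_count = name.count("@")
    if at_count == 0:
        # IETF name space: legitimate only if registered with IANA, which
        # cannot be checked offline here, so it is merely labelled 'ietf'.
        return ("ietf", name)
    if at_count > 1:
        # The tag MUST NOT contain '@', so a second '@' can never be valid.
        return ("invalid", "tag contains '@'")
    tag, domain = name.split("@")
    if not tag:
        return ("invalid", "empty tag")   # assumption: a tag must be non-empty
    if not is_dns_domain(domain):
        return ("invalid", "'%s' is not a DNS domain name" % domain)
    return ("user", (tag, domain))


def strict_accepts(name):
    """Policy modelled on the GnuPG behaviour David describes: only names with
    an '@' (well-formed user-space names) may be created.  Assumed rule."""
    return classify_notation_name(name)[0] == "user"


def survey(names):
    """Count names per class, the kind of enumeration David ran over a keyring."""
    return Counter(classify_notation_name(n)[0] for n in names)


if __name__ == "__main__":
    # Constructed sample, not real keyserver data.
    sample = ["COMMENT", "COMMENT", "COMMENT", "sample@example.com",
              "review@example.org", "bad@tag@example.com"]
    for n in sample:
        print(n, "->", classify_notation_name(n))
    print(dict(survey(sample)))
```

Run as a script it classifies the constructed sample and prints the per-class counts; `survey()` applied to a real keyring's notation names would reproduce the kind of measurement David mentions, with the caveat that an 'ietf' result only means "no '@'", not "registered with IANA".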
