On Wed, Sep 21, 2005 at 08:56:19AM -0400, David Shaw wrote:
You could also do what GnuPG does - if it doesn't know the algorithm
it just reads the entire list of MPIs (or anything else in the packet)
into an opaque buffer. I suppose it could figure out the MPIs, but
there seems to be little point since either way, the key is not usable
without support for the algorithm. I suppose if the implementation
stored keys in a backend that needed to know the individual key
parameters that would be different.
That's what I actually do. But I don't like it. From an OO perspective, it
makes certain abstractions less efficient.
Some people want to include things in the key fingerprint and some
don't. There are good reasons for both, so I favor v5 keys with
optional subpackets like v4 signatures. Within reason, it's a "make
everyone happy" solution.
Excellent idea! Maybe, we can use a common set of subpackets, where some
make sense only in signatures while others only in keys. There are too many
overlaps for warranting a separate design.
--
Daniels