ietf-openpgp

Re: Secret key transport

2006-04-18 13:03:18

On 14 Dec 2005, at 5:56 AM, David Shaw wrote:


Well into comically late in the game here, but a question recently
came up about the secret key transport format.  Namely, is there one?
2440bis has a public key transport format (the whole of section 10.1),
and the format of secret key and secret subkey packets is defined, but
there doesn't seem to be an analogue to section 10.1 for secret keys.

For example, I've seen secret keys in this format:

 - Secret key packet
 - User ID packet
 - Selfsig on user ID
 - Secret subkey packet
 - Selfsig on subkey

I've also seen secret keys in this format:

 - Secret key packet
 - User ID packet
 - Secret subkey packet

 (i.e. missing the selfsigs).

The first example strikes me as preferable as there is a mild benefit
to having the secret key format parallel the public key format in that
an implementation can extract the public key from the secret key
automatically.  The second example requires a public key to be sent in
addition to the secret key to get the selfsigs (while the selfsig on
the user ID is optional, the one on the subkey isn't).

Either way, though, 2440bis seems silent on this subject.  Is this
something that needs a line or two of text?

Since no one has said anything in months, I'm declaring that the answer is, "no, this is not something that needs a line or two of text."

        Jon

