On 20 Jul 2006, at 1:45 PM, <vedaal(_at_)hush(_dot_)com>
<vedaal(_at_)hush(_dot_)com> wrote:
a minor issue,
is that there for some objects, there is no 'generic' OpenPGP
object form that is identical for all OpenPGP implementations,
(there is only a more generalized form of the packet types,
sequence, etc.)
the actual final form of the openPGP object varies somewhat with
the implementation,
(although each implementation can work with the forms of the
other),
an example of this,
would be a message encrypted to Alice's v4 RSA key:
in PGP,
the message block armor begins with 'qA'
in GnuPG,
the same message encrypted to the same key,
begins with 'hQ'
Forgive me for agreeing differently. :-)
In the case that you give, the difference is that PGP uses a marker
packet and GnuPG doesn't. What you need to document is the existence
of the marker packet. You might do it by creating one with
implementation X and the other with Y, but the difference is the
marker packet.
Similarly, we ought to give an example of different length types, old/
new header, and so on. Those, however, might not track systems.
(I just put in a note in the PGP bug database that says PGP should
consider not doing marker packets.)
it might be useful to list both variations as examples
of the discretionary leeway available to implementors,
and how they can leave little telltale signs that distinguish
their own implementations,
as long as the essentials of intercompatibility are preserved
in order to not 'overdo' the trivia,
i can start with a tentative list of the example types,
and then have people suggest either addtions or deletions from the
list
Yes, that's all part of the OpenPGP Bestiary, as I've been calling it.
Jon