Issue with RFC4880 IANA Registrations

2007-11-16 10:49:16


I've been working offline with the IANA to get the OpenPGP registries
in place and we've hit a snag, so I figured I'd write the working
group to see how we as a WG want to proceed.  The snag appears to be a
missing registry creation task in regards to Notation Data flags.

Section (Notation Data) has the following:

       (4 octets of flags, 2 octets of name length (M),
                           2 octets of value length (N),
                           M octets of name data,
                           N octets of value data)

   This subpacket describes a "notation" on the signature that the
   issuer wishes to make.  The notation has a name and a value, each of
   which are strings of octets.  There may be more than one notation in
   a signature.  Notations can be used for any extension the issuer of
   the signature cares to make.  The "flags" field holds four octets of

   All undefined flags MUST be zero.  Defined flags are as follows:

       First octet: 0x80 = human-readable.  This note value is text.
       Other octets: none.


The IANA Considerations section says:

   Signature Notation Data Subpackets

   OpenPGP signatures further contain a mechanism for extensions in
   signatures.  These are the Notation Data subpackets, which contain a
   key/value pair.  Notations contain a user space that is completely
   unmanaged and an IETF space.

   This specification creates a registry of Signature Notation Data
   types.  The registry includes the Signature Notation Data type, the
   name of the Signature Notation Data, its allowed values, and a
   reference to the defining specification.  The initial values for this
   registry can be found in Section  Adding a new Signature
   Notation Data subpacket MUST be done through the EXPERT REVIEW
   method, as described in [RFC2434].

There seems to be a disconnect between these two sections.  My reading
of is that there's a registry of the notation names, of which
there don't appear to be any defined in  However there
doesn't appear to be a registry of the "flags", of which there IS a
single entry (0x80) defined in

So did we miss a needed registry for Notation Data Flags?  Or are the
labels in just not the same as the labels in and the
label disconnect is causing confusion?


       Derek Atkins                 617-623-3745
       Computer and Internet Security Consultant
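
The Notation Data layout quoted in the message above, written out as a small parser that also enforces "All undefined flags MUST be zero". This is an added example, not part of the original message or of RFC 4880. The function names and the sample notation are constructed, the two length fields are read big-endian as OpenPGP does for multi-octet scalars, and rejecting a body with undefined flag bits set is a receiver policy assumed here.

```python
import struct

HUMAN_READABLE = 0x80                      # first flags octet; the only defined flag
UNDEFINED_FIRST = 0xFF ^ HUMAN_READABLE    # every other bit of the first octet


class NotationError(ValueError):
    """Raised when a Notation Data subpacket body is malformed."""


def build_notation_data(name: bytes, value: bytes, human_readable: bool) -> bytes:
    """Serialize: 4 octets flags, 2 octets M, 2 octets N, name, value."""
    flags = bytes([HUMAN_READABLE if human_readable else 0, 0, 0, 0])
    return flags + struct.pack(">HH", len(name), len(value)) + name + value


def parse_notation_data(body: bytes) -> dict:
    """Parse a Notation Data subpacket body (the octets after the type octet)."""
    if len(body) < 8:
        raise NotationError("body shorter than the 8-octet fixed header")
    flags = body[:4]
    name_len, value_len = struct.unpack(">HH", body[4:8])
    # M and N must account for every remaining octet, no more and no fewer.
    if len(body) != 8 + name_len + value_len:
        raise NotationError("declared M + N does not match the body length")
    # Only 0x80 in the first octet is defined; "Other octets: none".
    if flags[0] & UNDEFINED_FIRST or any(flags[1:]):
        raise NotationError("undefined flag bits set: " + flags.hex())
    return {
        "human_readable": bool(flags[0] & HUMAN_READABLE),
        "name": body[8:8 + name_len],
        "value": body[8 + name_len:],
    }


# Constructed sample: a user-space notation with a text value.
SAMPLE = build_notation_data(b"demo@example.org", b"constructed value", True)

if __name__ == "__main__":
    print(parse_notation_data(SAMPLE))
```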
