Hi,

I've been working offline with the IANA to get the OpenPGP registries
in place and we've hit a snag, so I figured I'd write the working
group to see how we as a WG want to proceed. The snag appears to be a
missing registry creation task in regards to Notation Data flags.

Section 5.2.3.16 (Notation Data) has the following:

    (4 octets of flags, 2 octets of name length (M),
                        2 octets of value length (N),
                        M octets of name data,
                        N octets of value data)

    This subpacket describes a "notation" on the signature that the
    issuer wishes to make. The notation has a name and a value, each of
    which are strings of octets. There may be more than one notation in
    a signature. Notations can be used for any extension the issuer of
    the signature cares to make. The "flags" field holds four octets of
    flags.

    All undefined flags MUST be zero. Defined flags are as follows:

        First octet: 0x80 = human-readable. This note value is text.
        Other octets: none.

[snip]

The IANA Considerations section says:

    10.2.2.1. Signature Notation Data Subpackets

    OpenPGP signatures further contain a mechanism for extensions in
    signatures. These are the Notation Data subpackets, which contain a
    key/value pair. Notations contain a user space that is completely
    unmanaged and an IETF space.

    This specification creates a registry of Signature Notation Data
    types. The registry includes the Signature Notation Data type, the
    name of the Signature Notation Data, its allowed values, and a
    reference to the defining specification. The initial values for this
    registry can be found in Section 5.2.3.16. Adding a new Signature
    Notation Data subpacket MUST be done through the EXPERT REVIEW
    method, as described in [RFC2434].

There seems to be a disconnect between these two sections. My reading
of 10.2.2.1 is that there's a registry of the notation names, of which
there don't appear to be any defined in 5.2.3.16. However there
doesn't appear to be a registry of the "flags", of which there IS a
single entry (0x80) defined in 5.2.3.16.

So did we miss a needed registry for Notation Data Flags? Or are the
labels in 10.2.2.1 just not the same as the labels in 5.2.3.16 and the
label disconnect is causing confusion?

-derek
--
Derek Atkins 617-623-3745
derek(_at_)ihtfp(_dot_)com www.ihtfp.com
Computer and Internet Security Consultant
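
The following is an added example, not part of the original message or of any OpenPGP implementation: a strict parser for the Notation Data body layout quoted from Section 5.2.3.16, which rejects any flag bit other than the one defined value (0x80 in the first octet). The function names, the sample notation name and the choice to decode text values as UTF-8 are assumptions made for illustration.

```python
import struct

HUMAN_READABLE = 0x80  # first flags octet; the only flag the quoted text defines


class NotationError(ValueError):
    """Raised when a subpacket body violates the quoted layout."""


def build_notation(flags: bytes, name: bytes, value: bytes) -> bytes:
    """Serialize: 4 flag octets, 2-octet M, 2-octet N, name, value."""
    # OpenPGP multi-octet lengths are big-endian.
    return flags + struct.pack(">HH", len(name), len(value)) + name + value


def parse_notation(body: bytes) -> dict:
    """Parse one Notation Data body (subpacket length/type header already removed)."""
    if len(body) < 8:
        raise NotationError("truncated: the fixed part is 8 octets")
    flags = body[:4]
    name_len, value_len = struct.unpack(">HH", body[4:8])
    if len(body) != 8 + name_len + value_len:
        raise NotationError("M + N does not match the body length")
    # "All undefined flags MUST be zero": only 0x80 in the first octet is defined.
    if flags[0] & ~HUMAN_READABLE & 0xFF or any(flags[1:]):
        raise NotationError("undefined flag bits set: " + flags.hex())
    name = body[8:8 + name_len]
    value = body[8 + name_len:]
    human = bool(flags[0] & HUMAN_READABLE)
    if human:
        try:
            value = value.decode("utf-8")  # assumption: "text" is treated as UTF-8
        except UnicodeDecodeError as exc:
            raise NotationError("human-readable flag set, value is not text") from exc
    return {"name": name, "value": value, "human_readable": human}


# Constructed samples (hypothetical notation name, not taken from any registry).
SAMPLE_TEXT = build_notation(b"\x80\x00\x00\x00", b"demo@example.org", b"hello")
SAMPLE_BAD_FLAGS = build_notation(b"\x80\x00\x00\x01", b"demo@example.org", b"hello")

if __name__ == "__main__":
    print(parse_notation(SAMPLE_TEXT))
    for bad in (SAMPLE_BAD_FLAGS, SAMPLE_TEXT[:-1]):
        try:
            parse_notation(bad)
        except NotationError as err:
            print("rejected:", err)
```
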