ietf-openpgp

Re: Draft Update

2008-07-28 10:24:42

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jul 26, 2008, at 5:13 PM, Duane wrote:



> Ok, I've made some updates, firstly removing specific references to DNS
> since this is no longer specifically meant to be for DNS and I've other
> changes to remove references to using the user id field, and instead
> using user attributes to have the information in a format much more
> suitable for computers, this makes more sense to me than a blob of
> string doesn't need to be split up and parsed to extract the information.
>
> http://open-pgp.info/wiki/index.php?title=Standardisation_of_OpenPGP_Keys_for_Server_Purposes
>
> Is there anything I've missed or overlooked at all?

I don't think it was necessary to get rid of all of the user id uses.  
RFC 4880 and 2440 were carefully explicit. Here's the 4880 language:

5.11.  User ID Packet (Tag 13)

    A User ID packet consists of UTF-8 text that is intended to represent
    the name and email address of the key holder.  By convention, it
    includes an RFC 2822 [RFC2822] mail name-addr, but there are no
    restrictions on its content.  The packet length in the header
    specifies the length of the User ID.

Note the words "intended" and "by convention." Also, "... but there  
are no restrictions on its content."

The discussion on this is similar to a discussion as to whether  
someone should put DNS information in a new RR or in a TXT record.  
Yes, it's probably better in some respect to expand the user  
attributes, but there's nothing wrong with just putting the text in  
there, especially since there's all this existing code that can  
display it correctly.

There are plenty of cases where a User ID contains nothing but  
descriptive text ("XYZ Corp Security Alert Signing Key") or non-email  
names like an X.509 Distinguished Name.

I agree with people who say that a User Attribute packet is better in  
a pure sense. However, the downside of that is that new UAs need  
setting/getting/display code. Just dropping the text in a UID packet  
is clunkier, but works everywhere.

Knowing when to use which is merely wisdom.

        Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII

wj8DBQFIjforsTedWZOD3gYRAnbEAJsH5XH8aSKWYhaItUNtrkqdSKjRuQCg6oSE
2AVFXqFIqxmDetuw11aSfEQ=
=0rGp
-----END PGP SIGNATURE-----
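
The RFC 4880 wording quoted in the message above means a consumer of User ID packets has to accept both the conventional name-addr form and arbitrary text. The following is an added example, not part of the original message or of any OpenPGP implementation: it walks a binary packet stream using the RFC 4880 section 4.2 headers and labels each Tag 13 body. The sample stream, the `_pkt` helper, the `NAME_ADDR` pattern and the "Alice" and DN strings are constructed for illustration.

```python
import re

USER_ID_TAG = 13  # RFC 4880, section 5.11
# The "by convention" shape: optional display name, then <local@domain>.
NAME_ADDR = re.compile(r"^[^<>]*<[^<>@\s]+@[^<>@\s]+>$")

def iter_packets(data):
    """Yield (tag, body) for each packet in a binary OpenPGP stream (RFC 4880, 4.2)."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("bit 7 of a packet tag octet must be set")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths are not handled here")
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate lengths are not handled here")
            n = 1 << ltype                   # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def user_ids(data):
    """Return (kind, text) per User ID packet; never assume an address is present."""
    out = []
    for tag, body in iter_packets(data):
        if tag == USER_ID_TAG:
            text = body.decode("utf-8", errors="replace")
            out.append(("name-addr" if NAME_ADDR.match(text) else "free-form", text))
    return out

def _pkt(header, body):  # constructed-sample helper: one-octet length only
    return bytes([header, len(body)]) + body

# Constructed sample: Marker packet (tag 10), then three User IDs (0xB4 is old format).
SAMPLE = (_pkt(0xCA, b"PGP")
          + _pkt(0xCD, b"Alice Example <alice@example.org>")
          + _pkt(0xB4, b"XYZ Corp Security Alert Signing Key")
          + _pkt(0xCD, b"CN=www.example.org, O=Example Corp, C=US"))
```

Code that keys on the email address should treat a "free-form" result as a normal case and fall back to displaying the text, which is what existing User ID display code already does.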
