ietf-openpgp

Re: Series of minor questions about OpenPGP 4

2009-01-30 13:48:53
On 01/30/2009 01:15 PM, Peter Thomas wrote:
> But by the way: This would be another thing that one could think of in
> future revisions of the RFC.
> Policy-URI on self-signatures:
> 0x10-0x13: The policy that is used for signing, with the corresponding UserID.
> 0x1F: The global policy for the whole key, when signing anything
> (especially other keys/UIDs) with that key
> 0x18: The policy used when making signatures with this key
>
> Policy-URI on other signatures:
> The policy under which this signature was issued. (Just like it is
> interpreted now)

I'd disagree with such a change, if only because it seems to force a
semantic change on signatures that may already be in existence.  It'd be
weird if i made a signature that i knew meant "foo", and then came back
later to find that according to the new RFC, i'd actually stated "bar".

If you want to propose a new subpacket with the above semantics (perhaps
one that would be invalid on anything but a self-sig), i wouldn't be
opposed, though i'm not sure how useful it would be.

And how would you interpret the following situation:

  Key A has a self-sig with policy X

  Key A signs B's key,uid pair and includes a policy-URI Y.

which policy governs A's signature on B?  why?

        --dkg
