On Jan 30, 2009, at 5:14 PM, Peter Thomas wrote:
(skipping the ones Jon answered)
I tried to create the following example and wonder whether my
interpretation is always correct:
Given is a public key, with several User IDs signed with 0x13s, a
direct key signature 0x1F and several subkeys signed with an 0x18:
(look closely as there are minor differences between the stuff
below ;-) )
I) Subpackets on the 0x1F direct key signature (there should be only
one of it):
- signature creation/expiration time
In principle it has only a meaning for the 0x1F itself, but it might
also expire the key as described in I) 1 and I) 2 above.
- key expiration time
The expiration time of the WHOLE key with all UIDs, subkeys, etc.
An implementation MAY decide when to use the key expiration from the
0x1F. Reasonable ways would be:
* when no other self-sig specifies one (thus it works globally for the
key)
* when the key was found/selected by the KeyID (this is
questionable, isn't it?)
* or it may even take priority in favor of all other key expiration
times on other signatures, like 0x13's (but not 0x18s because subkeys
have their own expiration time!!!!)
Use the shortest expiration time. If the 0x1F says you have 10 days,
and the 0x13 says you have 5 days, you have 5 days. As you note, the
subkeys have their own expiration time - but not if they exceed the
whole key expiration time. You can't have a subkey that lives beyond
its primary key.
- preferred symmetric/hash/compression algorithm
An implementation MAY decide when to use these from the 0x1F.
Reasonable ways would be:
* when no other self-sig specifies them (thus they work globally for
the key)
* when the key was found/selected by the Key ID (here I think this is
NOT questionable as above)
* or it may even take priority in favor of all other preferred
algorithms on other signatures, like 0x13's and 0x18's
If you have preferred algorithms in both the 0x1F and a 0x13, then
you use the one with the narrowest scope. So, if the key was chosen
by a particular user ID, you use the preferred algorithms from that
user ID's selfsig. If that selfsig does not have preferred
algorithms, use the one in the 0x1F. If the key was chosen by key ID
(so there is no one particular user ID) you use the preferred
algorithm from the primary user ID. As before, if there is no
preferred algorithm there, use the one from the 0x1F. If there are
preferred algorithms on a 0x18, I think I'd take the union of those
algorithms with the ones from the user ID or 0x1F.
- key server preferences / preferred key server / key flags / features
An implementation MAY decide when to use these from the 0x1F.
Reasonable ways would be:
* when no other self-sig specifies them (thus they work globally for
the key)
* when the key was found/selected by the Key ID (here I think this is
NOT questionable as above)
* or it may even take priority in favor of all other preferred
algorithms on other signatures, like 0x13's and 0x18's
II) Subpackets on any of the 0x10-0x13 certification signatures:
- signature creation/expiration time
In principle it has only a meaning for the 0x10-0x13 itself, but it
might also expire the specific User ID (if there is no other valid
self-signature on it).
- key server preferences / preferred key server / key flags / features
An implementation MAY decide when to use these from the 0x10-0x13.
Reasonable ways would be:
* when no other self-sig specifies them (thus they work globally for
the key)
* when there is no global setting via a 0x1F self-signature
* when the key was found/selected by the specific User ID (here I
think this is NOT questionable as above), or it was specified as a
Signer's User ID subpacket
III) Subpackets on the 0x18 subkey binding signature:
- signature creation/expiration time
In principle it has only a meaning for the 0x18 itself, but it might
also expire the specific subkey (if there is no other valid
self-signature on it).
- key expiration time
The expiration time ONLY of the specific subkey, not of any other
subkey, any User ID or even the whole primary key.
This only applies to the specific subkey, so an implementation cannot
choose anything (as with the key expiration times above).
- preferred symmetric/hash/compression algorithm
An implementation MAY decide when to use these from the 0x18.
Reasonable ways would be:
* when that specific subkey was used for encryption/signing/or
selected somehow else
and optionally (the above condition seems nearly mandatory):
* when no other self-sig specifies them (thus they work globally for
the key)
* when there is no global setting via a 0x1F self-signature
- key server preferences / preferred key server / key flags / features
An implementation MAY decide when to use these from the 0x18.
Reasonable ways would be:
* when that specific subkey was used for encryption/signing/or
selected somehow else
and optionally (the above condition seems nearly mandatory):
* when no other self-sig specifies them (thus they work globally for
the key)
* when there is no global setting via a 0x1F self-signature
Is this all correct / ok / within the borders of the CURRENT rfc?
Ok that was a lot ^^
Lots of thanks in advance,
Peter
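As an added illustration (my own code, not from Peter's or Jon's messages): the two resolution rules Jon states above, the shortest-wins rule for key expiration with a subkey never outliving its primary, and the narrowest-scope rule for preferred algorithms with a 0x18 list unioned in, applied to a constructed key. The SelfSig/Key classes, the sample key and the algorithm IDs (9/8/7 = AES-256/192/128, 2 = TripleDES per RFC 4880) are assumptions of this example, not data from the thread.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class SelfSig:
    """Subpackets carried by one self-signature (0x1F, 0x13 or 0x18)."""
    key_expiry: Optional[int] = None   # key expiration time, seconds after (sub)key creation
    pref_sym: Optional[list] = None    # preferred symmetric algorithm IDs; None = subpacket absent

@dataclass
class Key:
    created: int                                  # creation time of the primary key
    direct: Optional[SelfSig] = None              # the single 0x1F direct-key signature
    uids: dict = field(default_factory=dict)      # user id -> its 0x13 self-signature
    primary_uid: str = ""                         # user id flagged as primary
    subkeys: dict = field(default_factory=dict)   # subkey id -> (subkey creation time, 0x18 sig)

def primary_expiry(key: Key) -> Optional[int]:
    """Shortest key-expiration time among the 0x1F and all 0x13s, as an absolute time."""
    rel = [s.key_expiry for s in (key.direct, *key.uids.values())
           if s is not None and s.key_expiry is not None]
    return key.created + min(rel) if rel else None

def subkey_expiry(key: Key, subkey_id: str) -> Optional[int]:
    """The subkey's own 0x18 expiration, capped by the primary key's expiry."""
    sub_created, binding = key.subkeys[subkey_id]
    own = sub_created + binding.key_expiry if binding.key_expiry is not None else None
    present = [t for t in (own, primary_expiry(key)) if t is not None]
    return min(present) if present else None

def preferred_sym(key: Key, uid: Optional[str] = None, subkey_id: Optional[str] = None) -> list:
    """Narrowest scope wins: the selected user id's 0x13 (the primary user id's when the
    key was chosen by key ID), then the 0x1F; a chosen subkey's 0x18 list is unioned in."""
    selfsig = key.uids.get(uid if uid is not None else key.primary_uid)
    if selfsig is not None and selfsig.pref_sym is not None:
        prefs = list(selfsig.pref_sym)
    elif key.direct is not None and key.direct.pref_sym is not None:
        prefs = list(key.direct.pref_sym)
    else:
        prefs = []
    if subkey_id is not None and key.subkeys[subkey_id][1].pref_sym is not None:
        prefs += [a for a in key.subkeys[subkey_id][1].pref_sym if a not in prefs]
    return prefs
# Constructed sample key (not a real key): the 0x1F allows 10 days, one UID's 0x13 only 5 days.
DAY = 86400
SAMPLE = Key(created=1000, direct=SelfSig(key_expiry=10 * DAY, pref_sym=[9, 8, 7]),
             uids={"alice": SelfSig(key_expiry=5 * DAY, pref_sym=[9]),
                   "bob": SelfSig()}, primary_uid="bob",
             subkeys={"enc": (1000 + DAY, SelfSig(key_expiry=30 * DAY, pref_sym=[2]))})
```

With SAMPLE, the primary key expires after 5 days even though the 0x1F says 10, and the "enc" subkey's 30-day 0x18 expiration is cut down to that same moment.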