ietf-openpgp

Re: [openpgp] OpenPGPv5 wish list

2013-04-29 13:48:32
On Mon, 29 Apr 2013 19:53, philcerf(_at_)gmail(_dot_)com said:

Well actually the contrary seems to be the case... OpenPGP is rather
only used for mail and plain file encryption/signing, which covers of
course already many fields, but nothing advanced.

Depends on what you call advanced.  OpenPGP is a low-level protocol and
never really tried to address the application layer. 

It would never have any chance to be used for government ID cards, or
similar projects.

Why should a government do that?  eID cards started in Europe (iirc, the
German electronic signature law was the very first).  Europe has a
history of waiting for X, aehmm the OSI network stack, and thus it is
quite obvious that they started with X.400 et al.  Further, you can make
more (consulting) money with weakly defined/complex protocols than with
a clean solution.  The latter almost never wins (cf. IPSec lessons).

Yeah I knew... but right now it's also used for the name of the user,
which is the primary identification property... and it shouldn't be
used for that (from a design POV).

Maybe not for your application, so go and use your own thing for it.
There is nothing which will stop you.  What about putting a DN into it?

Obviously I don't want X.509 or I'd use it.
And I don't see how this is touched by X.509 anyway.

Because X.509 has all the useless bells and whistles which have been
suggested in the past as the solution to every problem.  Well alright,
OpenPGP provides very similar ways to implement such features but
fortunately it has not yet been abused

simply as no-one uses it... yeah I know, gpg understands it... but one
cannot even set it, can one?

  gpg -N '!foo@example.org=42' ....

makes foo a critical notation.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
