ietf-openpgp

Re: [openpgp] User ID Packet: expand recommendation to include hostname

2015-07-23 21:26:07
Daniel Kahn Gillmor <dkg(_at_)fifthhorseman(_dot_)net> writes:

> On Tue 2015-07-21 19:04:22 +0200, Neal H. Walfield wrote:
>> At Tue, 21 Jul 2015 14:32:29 +0200,
>> Werner Koch wrote:
>>>> Simon pointed out to me in another context that the user id (section
>>>> 5.11 of RFC 4880) is not always in RFC 2822 name-addr format, but is
>>>> sometimes simply a hostname.  I think we should expand the
>>>> recommendation in that section to cover this usage.
>>>
>>> The name-addr convention has served us well for more than 20 years and I
>>> see no reason to explicitly recommend the use of just a hostname.  I see
>>> no problem which will be solved by this.  In case the hostname shall be
>>> used similar to a user id (e.g. for DNS lookup), it is easier to use a
>>> pseudo mail address like hostmaster(_at_)foo(_dot_)example(_dot_)org.
>>
>> I'm not making a recommendation about what should be done, but
>> suggesting we update the RFC to reflect current practice.
>
> Can you point to existing examples of this usage (by fingerprint,
> maybe)?

In my deployment of PGP signatures we're using only FQDNs in the UserID
field in many cases (because the keys are tied to an entity and not a
person).  I'll note that RFC4880 does not specify the contents of the
UserID field, only saying that by convention it's an email address but
not actually REQUIRING it.  I would oppose text that requires an email
address in the ID field.

> In the monkeysphere project we use the User ID for servicenames like
> ssh://example.com or https://example.com but not raw hostnames.  I don't
> think i've seen many raw hostnames, though.

We have a closed system, so we're not using the public keyservers.

>       --dkg

-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant
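
The User ID forms mentioned in this thread (name-addr, a pseudo mail address, a service name such as ssh://example.com, and a bare FQDN) can be told apart when auditing a keyring. The following is an added example, not part of the original messages or of any project named in them: it reads a User ID packet (tag 13) and classifies its text. The category names and regular expressions are assumptions of this example, the sample packets are constructed, and only one- and two-octet new-format lengths and definite old-format lengths are handled.

```python
import re

# RFC 2822 name-addr: optional display name, then <local@domain>.
NAME_ADDR = re.compile(r'^(?:[^<>]*\s)?<[^<>@\s]+@[^<>@\s]+>$')
# Service name in scheme://host form.
SERVICE_URI = re.compile(r'^[A-Za-z][A-Za-z0-9+.-]*://[^\s/]+')
# Bare addr-spec, e.g. a pseudo mail address for a host.
ADDR_SPEC = re.compile(r'^[^<>@\s]+@[^<>@\s]+$')
# Bare FQDN: two or more dot-separated letter/digit/hyphen labels.
LABEL = r'(?!-)[A-Za-z0-9-]{1,63}(?<!-)'
HOSTNAME = re.compile('^' + LABEL + r'(?:\.' + LABEL + r')+\.?$')

def read_user_id(packet: bytes) -> str:
    """Return the text of one User ID packet (tag 13, RFC 4880 5.11)."""
    hdr = packet[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if hdr & 0x40:                       # new-format header
        tag, first = hdr & 0x3F, packet[1]
        if first < 192:
            length, off = first, 2
        elif first < 224:
            length, off = ((first - 192) << 8) + packet[2] + 192, 3
        else:
            raise ValueError("length form not handled in this example")
    else:                                # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled")
        n = 1 << ltype                   # 1, 2 or 4 length octets
        length, off = int.from_bytes(packet[1:1 + n], "big"), 1 + n
    body = packet[off:off + length]
    if tag != 13 or len(body) != length:
        raise ValueError("not a complete User ID packet")
    return body.decode("utf-8")

def classify(uid: str) -> str:
    for kind, rx in (("name-addr", NAME_ADDR), ("service-uri", SERVICE_URI),
                     ("addr-spec", ADDR_SPEC), ("hostname", HOSTNAME)):
        if rx.match(uid):
            return kind
    return "other"

# Constructed sample packets (old-format 0xB4 and new-format 0xCD headers).
SAMPLES = [bytes([hdr, len(s)]) + s for hdr, s in (
    (0xB4, b"Alice Example <alice@example.org>"),
    (0xCD, b"hostmaster@foo.example.org"),
    (0xB4, b"ssh://example.com"),
    (0xCD, b"foo.example.org"))]
```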
