ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Fingerprint requirements for OpenPGP

2016-04-12 12:20:32
from [Werner Koch] [Permanent Link] 
On Tue, 12 Apr 2016 16:38, derek(_at_)ihtfp(_dot_)com said:


I would argue that (b) is more important than (a).  Your use-case (a)
sounds more like a DB Handle, so arguably it should be elided because


(a) is required to lookup a key for a signature.  Sure this could also
be done using mail address included in the signature.  But a fingerprint
can work even if a mail provider re-assigns a mail address (assuming the
mail provider uses OpenPGP DANE or PKA).

Right now a signature includes only a keyid but for rfc4880bis we will
add a new subpacket for the fingerprint.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] [openpgp-email] Keyserverless Use of OpenPGP in Email, Werner Koch
Next by Date:  Re: [openpgp] Fingerprint requirements for OpenPGP, KellerFuchs
Previous by Thread:  Re: [openpgp] Fingerprint requirements for OpenPGP, Daniel Kahn Gillmor
Next by Thread:  Re: [openpgp] Fingerprint requirements for OpenPGP, Derek Atkins
Indexes:  [Date] [Thread] [Top] [All Lists]