Hi all,
I have used a recent keydump from [1] to extract keys making use of
ECCs, and I wrote some code to parse key and subkey packets (per [2],
[3] and [4]) to show the algorithm, the curve and the parameters they
use. I found cases where:
- the curve OID is not in the OpenPGP format but includes the first two
octets from ASN.1;
- the 0x40 compression flag is not included;
- when using Curve25519:
-- the point is represented using Ed25519 compression;
-- the point is represented using Ed25519 compression with reversed
byte order;
-- the point is NOT represented using Ed25519 compression.
Could you explain what the current decisions are? Should these cases
just be dropped since they are not included in the RFCs? I am quite new
to the subject, so please forgive me if I am misusing any terms or concepts.
Nicola
[1] https://pgp.key-server.io/sks-dump
[2] https://tools.ietf.org/html/rfc4880
[3] https://tools.ietf.org/html/rfc6637
[4] https://www.ietf.org/archive/id/draft-koch-eddsa-for-openpgp-04.txt
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp