ietf-openpgp

Re: [openpgp] User ID Attribute Subpacket

2019-02-20 04:31:21
On Wed, Feb 20, 2019 at 10:57 AM Wiktor Kwapisiewicz
<wiktor(_at_)metacode(_dot_)biz> wrote:
On 20.02.2019 10:39, Justus Winter wrote:
draft 6 of RFC4880bis proposes a "User ID Attribute Subpacket", but it
does not motivate that addition in any way.  What is the purpose of
it, and what is the advantage over using the userid packet?

From what I can see it comes from
"draft-atkins-openpgp-device-certificates" that was merged into RFC4880bis.

For details see this thread:

https://mailarchive.ietf.org/arch/msg/openpgp/Ma3P-yM2vTrfx2_Pqf_sq31SruY

(Message-ID: <sjmegci3oto(_dot_)fsf(_at_)securerf(_dot_)ihtfp(_dot_)org>)

Interesting.  I skimmed the thread trying to introduce a more structured
kind of user ids [0], but I'm still not convinced that the "User ID
Attribute Subpacket" as proposed in -06 adds any value over the user id
packet.

0: id:c2e6bbe7-0694-8193-bb76-dd50fde7d967@leo.gaspard.ninja

For reference, here is the proposed attribute:

5.13.2.  User ID Attribute Subpacket

   A User ID Attribute subpacket has type #[IANA -- assignment TBD1].

   A User ID Attribute subpacket, just like a User ID packet, consists
   of UTF-8 text that is intended to represent the name and email
   address of the key holder.  By convention, it includes an RFC 2822
   [RFC2822] mail name-addr, but there are no restrictions on its
   content.  For devices using OpenPGP for device certificates, it may
   just be the device identifier.  The packet length in the header
   specifies the length of the User ID.

   Because User Attribute subpackets can be used anywhere a User ID
   packet can be used, implementations MAY choose to trust a signed User
   Attribute subpacket that includes a User ID Attribute subpacket.

And this is the user id packet:

5.12.  User ID Packet (Tag 13)

   A User ID packet consists of UTF-8 text that is intended to represent
   the name and email address of the key holder.  By convention, it
   includes an RFC 2822 [RFC2822] mail name-addr, but there are no
   restrictions on its content.  The packet length in the header
   specifies the length of the User ID.

As you can see, the text is almost identical, and the text for the
proposed subpacket even admits that it is just like a user id packet.

Furthermore, "[...] User Attribute packets are not a required part of
the OpenPGP standard [...]".

Based on these observations I challenge the claim that the proposed
subpacket adds any value to the standard, and propose to remove it.

Cheers,
Justus

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
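
The two encodings compared in the message above, as an added example that is not part of the original post or of the draft: a small Python parser for new-format OpenPGP packets that pulls the identity string out of a User ID packet (tag 13) and out of a User Attribute packet (tag 17) carrying the proposed subpacket. The subpacket type is still "TBD1" on the page, so the value 100 from RFC 4880's private/experimental range stands in for it; the name and address are constructed sample data.

```python
# Added illustration, not from the draft. TBD1 has no assigned value on the page,
# so 100 (RFC 4880 private/experimental subpacket range) is a placeholder for it.
TAG_USER_ID, TAG_USER_ATTRIBUTE, UID_ATTR_TYPE = 13, 17, 100

def enc_len(n):
    if n < 192:
        return bytes([n])
    if n < 8384:
        return bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return b"\xff" + n.to_bytes(4, "big")

def dec_len(buf, i, two_octet_max):  # 223 for packets, 254 for subpackets
    o = buf[i]
    if o < 192:
        return o, i + 1
    if o <= two_octet_max:
        return ((o - 192) << 8) + buf[i + 1] + 192, i + 2
    if o == 255:
        return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5
    raise ValueError("partial body lengths are not handled")

def packet(tag, body):
    return bytes([0xC0 | tag]) + enc_len(len(body)) + body
def subpacket(stype, data):  # the length field counts the type octet
    return enc_len(len(data) + 1) + bytes([stype]) + data

def identities(stream):  # returns (carrier, text) for each identity string
    out, i = [], 0
    while i < len(stream):
        if stream[i] & 0xC0 != 0xC0:
            raise ValueError("only new-format packet headers are handled")
        tag = stream[i] & 0x3F
        n, i = dec_len(stream, i + 1, 223)
        body, i = stream[i:i + n], i + n
        if len(body) != n:
            raise ValueError("truncated packet")
        if tag == TAG_USER_ID:
            out.append(("user-id", body.decode("utf-8")))
        j = 0
        while tag == TAG_USER_ATTRIBUTE and j < len(body):
            m, j = dec_len(body, j, 254)
            if m == 0 or j + m > len(body):
                raise ValueError("bad subpacket length")
            if body[j] == UID_ATTR_TYPE:
                out.append(("user-attribute", body[j + 1:j + m].decode("utf-8")))
            j += m
    return out

NAME = "Alice Example <alice@example.org>".encode("utf-8")  # constructed sample
SAMPLE = packet(TAG_USER_ID, NAME) + packet(TAG_USER_ATTRIBUTE, subpacket(UID_ATTR_TYPE, NAME))
```

For this sample, `identities(SAMPLE)` returns the same string from both carriers; the tag-17 form is the tag-13 payload plus two octets of subpacket framing.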