Daniel Kahn Gillmor:
I've only seen a few merge requests, and none of them from "ilf"
Sorry, my Gitlab skills are weak. I created patches but forgot to create
merge requests. They are now submitted, but unfortunately against the
now-outdated version. I assume that some are fixed, but most should
still work to merge easily.
I wonder about the definition of "certificate discovery" here. Even
without UIDs, these keystores could be used for the *retrieval* of
specific certificates whose fingerprint (or key ID) is known. This can
be the case for signatures (over mails, software or documents) or
keylists like in https://tools.ietf.org/html/draft-mccain-keylist
I agree, but this distinction is what the document already tries to make
between certificate *discovery* (lookup by UID or UID substring) and
certificate *update* (lookup by primary key fingerprint).
The "Terminology" section sais:
"Certificate discovery" is the process whereby a user retrieves an
OpenPGP certificate based on user ID
"Certificate update" is the process whereby a user fetches new
information about a certificate
IMHO:
"Certificate discovery" is the process whereby a user retrieves an
OpenPGP certificate based on the fingerprint (or key ID)
With this definition, every "update" is a "retrieval", but not every
"retrieval" is an "update". I'm not sure how helpful yet another term
would be, maybe could leave it our for simplicity, but I for one
stumbled across that section.
--
ilf
If you upload your address book to "the cloud", I don't want to be in it.
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp