Hi Neal,
On 11.12.2020 09:34, Neal H. Walfield wrote:
One thing to be aware of: the subpacket areas can only hold 64kb of
data. So, you really should minimize the certificate.
Minimizing the certificate is actually a good idea regardless of the
certificate transport method (Autocrypt header, signature subpacket,
notation etc.).
It would be good to specify what actually would that minimized cert
contain. I think the primary key + valid encryption subkey + signing key
that signed the e-mail + User ID of the sender which contains their
e-mail address (or the primary one if there is no better match) would
constitute the minimal set. Of course clients on the receiving side
should properly merge the cert with what they already have (*not*
replace it).
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp