ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Algorithm-specific data: problems with Simple Octet Strings, and possible alternatives

2021-03-25 18:50:45
from [Daniel Kahn Gillmor] [Permanent Link] 
On Wed 2021-03-24 20:54:49 -0400, Daniel Kahn Gillmor wrote:

(a) Seems problematic because of the multiple acceptable representations
    outlined above.  It's already pretty tricky that the fingerprint of
    a piece of given public key material can vary depending on the
    creation timestamp.  Some implementations might try to normalize an
    SOS into a "compliant" MPI, thereby affecting their ability to
    calculate the correct fingerprint.  I don't think we currently have
    any tests that demonstrate interoperability in the face of this kind
    of confusion.


I've opened this issue in the interop test suite suggesting a way to
test whether implementations might diverge:

https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/issues/45

sorry to not offer it with any specific implementation yet.

        --dkg

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] [RFC4880bis PATCH] Drop "Compatibility Profiles" section., Daniel Kahn Gillmor
Next by Date:  Re: [openpgp] [RFC4880bis PATCH] Drop "Compatibility Profiles" section., Ángel
Previous by Thread:  [openpgp] Algorithm-specific data: problems with Simple Octet Strings, and possible alternatives, Daniel Kahn Gillmor
Next by Thread:  Re: [openpgp] Algorithm-specific data: problems with Simple Octet Strings, and possible alternatives, Ángel
Indexes:  [Date] [Thread] [Top] [All Lists]