ietf-openpgp

Re: [openpgp] Subkeys of Subkeys

2021-09-21 06:52:02
Hey Justus,

That test vector looks exactly like I would imagine it. It's a bummer
that there is no support in applications though. My library is able to
generate keys in this form (with some trickery) but cannot yet handle
them correctly.

What must happen so that a future revision of the specification
explicitly allows this behavior? Would it make sense to specify this
use case explicitly?

Paul

On 21.09.21 at 13:35, Justus Winter wrote:
> Hi Paul :)
>
> Paul Schaub <vanitasvitae(_at_)fsfe(_dot_)org> writes:
>
>> Allowing for such constructions would be interesting for per-device
>> keys in multi-device settings:
> Yes, we'd like to improve multi-device support using per-device keys as
> well.
>
>> I see no obvious issues which might prevent this, apart from the
>> ambiguous definition quoted above.
>> Has anyone already experimented with such constructions? If so, did you
>> encounter any issues which would need to be taken into consideration?
> We considered it, and I talk (see [0] and [1]) about that in the context
> of bringing forward-secrecy to OpenPGP (see also [2] if you are into
> that).  We have also constructed a test vector [3], but unsurprisingly,
> no implementation supports that [4].
>
> 0: https://sequoia-pgp.org/talks/2018-08-moving-forward/moving-forward.pdf
> 1: https://www.youtube.com/watch?v=an6oYjikAPY
> 2: https://gitlab.com/sequoia-pgp/openpgp-dr/-/tree/wip-openpgp
> 3: https://gitlab.com/sequoia-pgp/weird-keys#cert-subkeyspgp
> 4: https://gitlab.com/sequoia-pgp/weird-keys#results
>
> Justus

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
