ietf-openpgp

Re: [openpgp] Stripped Primary Secret Keys

2022-05-09 09:41:49
Okay, maybe we are talking past one another.

My proposal would be to replace the primary Secret Key Packet (Tag 5) of the key with a Public Key Packet (Tag 6). So a Transferable Secret Key with 2 subkeys would look something like this:

TSK = [ Public Key Packet (6), Secret Subkey Packet (7), Secret Subkey Packet (7) ]

Let me know what you think :)

Paul

On 09.05.22 at 16:23, Werner Koch wrote:
On Mon,  9 May 2022 12:28, Paul Schaub said:

Could you by the way elaborate on the reasons why you think it is not
possible to just omit the secret key packet? Clearly the specification
Because a secret key packet has different properties than a public key
packet.  Even if the real secret information has been stripped there is
still the information that it is a secret key packet.

Parser stuff is not an issue and it is easy to use just one parser.

   is_secret = tag_is_for_secret_sub_key();
   parse_public
   if is_secret
      parse_secret_parts.

We have even taken care in rfc4880 to make it easy to parse keys with
unknown algorithms (depending on the protection mechanism due to
backward compatibility).


Salam-Shalom,

    Werner


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
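
The layout proposed in the message above differs from an ordinary Transferable Secret Key only in the tag of its first packet, and, as the quoted reply notes, that tag is what tells a parser whether secret parts follow. As an added example (not code from either poster or from any OpenPGP implementation), the Python below walks RFC 4880 packet headers and classifies a key by its tags; the function names and the sample bytes with dummy bodies are constructed for illustration.

```python
# Added example: walk OpenPGP packet headers (RFC 4880, section 4.2); bodies are skipped.
PUBLIC_KEY, SECRET_KEY, SECRET_SUBKEY = 6, 5, 7

def packet_tags(data: bytes) -> list[int]:
    """Return the tag of every packet in a binary (non-armored) sequence."""
    tags, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError(f"offset {i}: not a packet header")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:                 # one-octet length
                length, i = first, i + 2
            elif first < 224:               # two-octet length
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:              # four-octet length
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths not handled here")
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled here")
            n = 1 << ltype                  # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet body")
        tags.append(tag)
        i += length
    return tags

def classify(data: bytes) -> str:
    tags = packet_tags(data)
    if not tags or tags[0] not in (PUBLIC_KEY, SECRET_KEY):
        return "not a key"
    if tags[0] == SECRET_KEY:
        return "TSK with secret primary"
    if SECRET_SUBKEY in tags:               # the layout proposed in the message
        return "public primary with secret subkeys"
    return "public certificate"

def pkt(tag: int, body: bytes, new: bool = True) -> bytes:
    """Build a constructed sample packet (dummy body shorter than 192 octets)."""
    if new:
        return bytes([0xC0 | tag, len(body)]) + body
    return bytes([0x80 | (tag << 2), len(body)]) + body

STRIPPED = pkt(6, b"\x00" * 12) + pkt(7, b"\x00" * 20) + pkt(7, b"\x00" * 20, new=False)
```

`classify(STRIPPED)` reports the proposed layout; a consumer that expects tag 5 first can use the same tag walk to reject or special-case such input before touching any key material.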
