Re: Resolving multiple primary user IDs and self-signatures
Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE> Mon, 27 August 2001 13:55 UTC
To: ietf-openpgp@imc.org
Subject: Re: Resolving multiple primary user IDs and self-signatures
References: <20010824135632.A2183@akamai.com> <tgpu9kgzrb.fsf@mercury.rus.uni-stuttgart.de> <20010825104436.A7901@akamai.com>
From: Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>
Date: Mon, 27 Aug 2001 15:36:52 +0200
In-Reply-To: <20010825104436.A7901@akamai.com> (David Shaw's message of "Sat, 25 Aug 2001 10:44:36 -0400")
Message-ID: <tglmk5aakr.fsf@mercury.rus.uni-stuttgart.de>

David Shaw <dshaw@akamai.com> writes:

[RFC 2440 et al. as mere syntax]

> True, and it even says that in the Abstract. There is an exception
> made for security issues: "It does not deal with storage and
> implementation questions. It does, however, discuss implementation
> issues necessary to avoid security flaws."

I think it limits itself to security flaws which directly break the
cryptographic algorithms involved. Flaws at a higher level are not
discussed.

> Offhand, I can't think of a security implication to having multiple
> UIDs marked primary (though I'm sure someone here can). My concern is
> with the security implications of having multiple conflicting
> self-signatures. Without some suggested way to resolve the conflict,
> there can be security implications. If it is truly a security issue,
> then it is appropriate in 2440bis. (Obviously, I think it's enough of
> a security issue to mention - I'd like to hear what others think.)

Differences in interpretation of expiration times can have security
implications, too. ;-)

> > On the other hand, If such additions are accepted, I've got a long
> > list of them...
>
> Care to work on a "Implementation Suggestions for OpenPGP" with me?

Yes, details will follow in private mail.

-- 
Florian Weimer                    Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898