Re: I-D ACTION:draft-ietf-openpgp-rfc2440bis-06.txt

David Shaw <> Mon, 12 August 2002 18:43 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id OAA05381 for <>; Mon, 12 Aug 2002 14:43:29 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by (8.11.6/8.11.3) id g7CIZCV22772 for ietf-openpgp-bks; Mon, 12 Aug 2002 11:35:12 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with ESMTP id g7CIZBw22766 for <>; Mon, 12 Aug 2002 11:35:11 -0700 (PDT)
Received: (from dshaw@localhost) by (8.11.6/8.11.6) id g7CIZ8D03310 for; Mon, 12 Aug 2002 14:35:08 -0400
Date: Mon, 12 Aug 2002 14:35:08 -0400
From: David Shaw <>
To: OpenPGP <>
Subject: Re: I-D ACTION:draft-ietf-openpgp-rfc2440bis-06.txt
Message-ID: <>
Mail-Followup-To: OpenPGP <>
References: <> <>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
X-PGP-Key: 99242560 / 7D92 FD31 3AB6 F373 4CC5 9CA1 DB69 8D71 9924 2560
X-Phase-Of-Moon: The Moon is Waxing Crescent (21% of Full)
User-Agent: Mutt/1.5.1i
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>

On Mon, Aug 12, 2002 at 10:55:27AM -0700, Len Sassaman wrote:
> On Mon, 12 Aug 2002, Werner Koch wrote:
> > I see no more problem with the draft.  How lets try again to kick off
> > the the interop tests.
> I think that it would be nice to have the NAI X.509 packets documented.
> Having quasi-offical data formats that implimentors need to deal with, but
> are not documented, sounds like a bad idea to me. (Though, if it belongs
> in a seperate Internet Draft, I have no problem with that. But there
> should be some place to go other than the PGP source for this
> information.)

Speaking about the X.509 signatures, I wonder if they are strictly
compliant with this draft.  2440bis seems to say that v4 signatures
require (MUST) an issuer subpacket and a timestamp subpacket, and that
those subpackets are both hashed (as per the "two or more" language in
section 5.2.3, and section Subpacket Hints).  The X.509 sigs
don't have an issuer subpacket at all.  If this reading is incorrect,
it may be good to clarify things a bit.  I suppose it could be argued
that since the X.509 sigs are made with an experimental public key
algorithm (100), the signature format does not necessarily follow.

Come to think, both PGP and GnuPG create v4 signatures with a hashed
timestamp, and an unhashed issuer.  Are they compliant? ;)


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson