Re: Signer's User ID
David Shaw <dshaw@jabberwocky.com> Thu, 21 July 2005 12:07 UTC
Date: Thu, 21 Jul 2005 07:54:51 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: ietf-openpgp@imc.org
Subject: Re: Signer's User ID

On Thu, Jul 21, 2005 at 10:32:50AM +0200, Jeroen Massar wrote:
> On Thu, 2005-07-21 at 07:39 +0200, Werner Koch wrote:
> > Hello!
> >
> > I'd like to have a clarification of the signature subpacket
> >
> > 5.2.3.22. Signer's User ID
>
> <SNIP>
>
> > OTOH, for applications it makes more sense to have just the vanilla
> > mail address (mailbox@domain) here. This would make it easier to
> > compare a mail's From address to the actual signature.
>
> As I actually never really took time to read the full spec, I didn't
> come across of this before, but this is indeed ideal for making keys
> distributed in nature.
>
> "Solution" for making it distributed would be:
> http://www.imc.org/ietf-openpgp/mail-archive/msg11035.html

That message suggests adding the signer's name to signatures in some
manner, and then using that to hint to the keyserver which key to
fetch when verifying a signature. It seems a fairly roundabout way to
get a key. Why not just do this directly? We already have a keyserver
subpacket (24), which is an URL, so it can even point to a web page.
If a signer wants to give "how to get my key" information in their
signature, just point to it directly.

> Question to Werner: does gnupg support the above item, if not can we add
> it, and secondly could we have gnupg then derive the keyserver from it
> as I noted before? (read: want a patch?)

GnuPG already supports what I said above. And if you set
auto-key-retrieve, it'll even fetch the key for you automatically when
it sees a signature with such information.

David
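
Added example, not part of the original message and not GnuPG code: a minimal walk over an OpenPGP signature subpacket area that pulls out the two subpackets discussed in this thread, the keyserver subpacket (24) and the Signer's User ID, and compares the signer's mailbox with a mail From header. The subpacket type 28 for Signer's User ID and the length encoding follow RFC 4880; the helper names and the sample area are constructed for illustration.

```python
import struct
from email.utils import parseaddr

PREFERRED_KEY_SERVER = 24  # the "keyserver subpacket (24)" from the message
SIGNERS_USER_ID = 28       # "5.2.3.22. Signer's User ID"

def parse_subpackets(area: bytes):
    """Yield (type, critical, body) for each subpacket in a subpacket area."""
    pos = 0
    while pos < len(area):
        first = area[pos]
        if first < 192:                          # one-octet length
            length, pos = first, pos + 1
        elif first < 255:                        # two-octet length
            if pos + 2 > len(area):
                raise ValueError("truncated two-octet length")
            length = ((first - 192) << 8) + area[pos + 1] + 192
            pos += 2
        else:                                    # 255, then four-octet length
            if pos + 5 > len(area):
                raise ValueError("truncated five-octet length")
            length = struct.unpack(">I", area[pos + 1:pos + 5])[0]
            pos += 5
        # The length counts the type octet, so it is at least 1.
        if length < 1 or pos + length > len(area):
            raise ValueError("subpacket overruns the area")
        yield area[pos] & 0x7F, bool(area[pos] & 0x80), area[pos + 1:pos + length]
        pos += length

def key_hints(area: bytes) -> dict:
    """Collect the signer-supplied hints: key URL and signer's user ID."""
    names = {PREFERRED_KEY_SERVER: "keyserver", SIGNERS_USER_ID: "signer"}
    return {names[t]: body.decode("utf-8", "replace")
            for t, _crit, body in parse_subpackets(area) if t in names}

def signer_matches_from(hints: dict, from_header: str) -> bool:
    """Compare mailboxes only, so 'Name <addr>' and bare 'addr' both work."""
    signer = parseaddr(hints.get("signer", ""))[1].lower()
    return bool(signer) and signer == parseaddr(from_header)[1].lower()

def subpacket(sp_type: int, body: bytes) -> bytes:
    """Build a constructed sample subpacket (one-octet lengths only)."""
    if len(body) + 1 >= 192:
        raise ValueError("sample builder handles short bodies only")
    return bytes([len(body) + 1, sp_type]) + body

# Constructed sample area, not taken from a real signature.
SAMPLE_AREA = (subpacket(SIGNERS_USER_ID, b"alice@example.org")
               + subpacket(PREFERRED_KEY_SERVER, b"https://example.org/alice.asc"))
```

Both values are chosen by the signer, so a verifier should treat them as hints for locating a key and still validate the fetched key before trusting the signature.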