Re: Secret key transport

Jon Callas <jon@callas.org> Tue, 18 April 2006 20:02 UTC

In-Reply-To: <20051214135609.GA22783@jabberwocky.com>
References: <20051214135609.GA22783@jabberwocky.com>
Message-Id: <59A2A036-CFF5-4C28-9B84-9345BD5EBC0F@callas.org>
From: Jon Callas <jon@callas.org>
Subject: Re: Secret key transport
Date: Tue, 18 Apr 2006 12:40:00 -0700
To: OpenPGP <ietf-openpgp@imc.org>
X-Mailer: Apple Mail (2.749.3)
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

On 14 Dec 2005, at 5:56 AM, David Shaw wrote:

>
> Well into comically late in the game here, but a question recently
> came up about the secret key transport format.  Namely, is there one?
> 2440bis has a public key transport format (the whole of section 10.1),
> and the format of secret key and secret subkey packets is defined, but
> there doesn't seem to be an analogue to section 10.1 for secret keys.
>
> For example, I've seen secret keys in this format:
>
>  - Secret key packet
>  - User ID packet
>  - Selfsig on user ID
>  - Secret subkey packet
>  - Selfsig on subkey
>
> I've also seen secret keys in this format:
>
>  - Secret key packet
>  - User ID packet
>  - Secret subkey packet
>
>  (i.e. missing the selfsigs).
>
> The first example strikes me as preferable as there is a mild benefit
> to having the secret key format parallel the public key format in that
> an implementation can extract the public key from the secret key
> automatically.  The second example requires a public key to be sent in
> addition to the secret key to get the selfsigs (while the selfsig on
> the user ID is optional, the one on the subkey isn't).
>
> Either way, though, 2440bis seems silent on this subject.  Is this
> something that needs a line or two of text?

Since no one has said anything in months, I'm declaring that the
answer is, "no, this is not something that needs a line or two of text."

	Jon
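The two secret key layouts David Shaw lists differ in a way a parser can check mechanically: in the first, every User ID is followed by its self-signature and every secret subkey by its binding signature; in the second, the signatures are absent and a public key would have to travel alongside. The following is an added example (my code, not anything from the thread or from an OpenPGP implementation) that walks a packet stream using the RFC 2440 header rules, classifies the signatures by type, and reports a subkey without its binding signature. The key and signature bodies are constructed dummy bytes, the `new_format`/`old_format`/`dummy_sig` helpers exist only to build that sample, and the finding strings are my own.

```python
"""Check the packet layout of a transportable OpenPGP secret key.

Added example; header and signature-type parsing follow RFC 2440 sections
4.2 and 5.2. All key and signature bodies below are constructed dummies."""

TAG_SIGNATURE, TAG_SECRET_KEY, TAG_PUBLIC_KEY = 2, 5, 6
TAG_SECRET_SUBKEY, TAG_USER_ID, TAG_PUBLIC_SUBKEY = 7, 13, 14
CERTIFICATION_TYPES = {0x10, 0x11, 0x12, 0x13}   # self-signatures on a User ID
SUBKEY_BINDING = 0x18                           # binds a subkey to the primary key


def parse_packets(data):
    """Split a packet stream into (tag, body) pairs; old- and new-format headers.
    New-format partial body lengths (224..254) are rejected, not mis-parsed."""
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("bit 7 of the packet tag octet must be set")
        if ctb & 0x40:                                  # new-format header
            tag, first = ctb & 0x3F, data[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:
                length = int.from_bytes(data[pos:pos + 4], "big")
                pos += 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                                           # old-format header
            tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
            if length_type == 3:                        # indeterminate length
                length = len(data) - pos
            else:
                width = (1, 2, 4)[length_type]
                length = int.from_bytes(data[pos:pos + width], "big")
                pos += width
        body = data[pos:pos + length]
        if len(body) != length:
            raise ValueError("truncated packet at offset %d" % pos)
        pos += length
        packets.append((tag, body))
    return packets


def signature_type(body):
    """Signature type octet: offset 1 in a v4 body, offset 2 in a v3 body."""
    if body[0] == 4:
        return body[1]
    if body[0] == 3:
        return body[2]
    raise ValueError("unsupported signature version %d" % body[0])


def check_secret_key_layout(packets):
    """Report deviations from: Secret-Key, then each User ID with its selfsig,
    then each Secret-Subkey with its binding signature. A missing User ID
    selfsig is informational; a missing subkey binding signature is an error."""
    if not packets or packets[0][0] != TAG_SECRET_KEY:
        return ["error: block does not begin with a Secret-Key packet"]
    findings, pending = [], None                        # pending: (kind, index)

    def close_pending():
        if pending and pending[0] == "subkey":
            findings.append("error: subkey at packet %d has no binding signature" % pending[1])
        elif pending:
            findings.append("info: User ID at packet %d has no self-signature" % pending[1])

    for idx, (tag, body) in enumerate(packets[1:], start=1):
        if tag in (TAG_USER_ID, TAG_SECRET_SUBKEY):
            close_pending()
            pending = ("uid" if tag == TAG_USER_ID else "subkey", idx)
        elif tag == TAG_SIGNATURE:
            stype = signature_type(body)
            if pending and pending[0] == "uid" and stype in CERTIFICATION_TYPES:
                pending = None
            elif pending and pending[0] == "subkey" and stype == SUBKEY_BINDING:
                pending = None
            else:
                findings.append("error: signature type 0x%02x at packet %d binds nothing"
                                % (stype, idx))
        elif tag in (TAG_PUBLIC_KEY, TAG_PUBLIC_SUBKEY):
            findings.append("error: public key packet at %d inside a secret key block" % idx)
    close_pending()
    return findings


def new_format(tag, body):
    """Encode with a new-format header (one- or two-octet length, body < 8384)."""
    n = len(body)
    length = bytes([n]) if n < 192 else bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return bytes([0xC0 | tag]) + length + body


def old_format(tag, body):
    """Encode with an old-format header and a one-octet length (body < 256)."""
    return bytes([0x80 | (tag << 2), len(body)]) + body


def dummy_sig(stype):
    """Constructed v4 signature body: version, type, pk alg, hash alg, no subpackets."""
    return bytes([4, stype, 1, 8, 0, 0]) + b"\x00" * 10


DUMMY_KEY = b"\x04" + b"\x00" * 15                      # placeholder, not real key material
UID = b"Alice <alice@example.org>"                      # constructed User ID
# First layout from the thread: selfsigs present, new-format headers.
WITH_SELFSIGS = (new_format(TAG_SECRET_KEY, DUMMY_KEY) + new_format(TAG_USER_ID, UID)
                 + new_format(TAG_SIGNATURE, dummy_sig(0x13))
                 + new_format(TAG_SECRET_SUBKEY, DUMMY_KEY)
                 + new_format(TAG_SIGNATURE, dummy_sig(SUBKEY_BINDING)))
# Second layout: no selfsigs at all, old-format headers.
WITHOUT_SELFSIGS = (old_format(TAG_SECRET_KEY, DUMMY_KEY) + old_format(TAG_USER_ID, UID)
                    + old_format(TAG_SECRET_SUBKEY, DUMMY_KEY))

if __name__ == "__main__":
    for name, blob in (("with selfsigs", WITH_SELFSIGS), ("without selfsigs", WITHOUT_SELFSIGS)):
        print(name + ":", check_secret_key_layout(parse_packets(blob)) or ["ok"])
```

The checker does not verify any signature cryptographically; it only confirms that the packet sequence carries the certifications the public half would otherwise have to supply, which is exactly the difference between the two layouts in the quoted question.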