Re: OpenPGP Minutes / Quick Summary

[<vedaal@hush.com>]

On Wed, 19 Jul 2006 16:44:13 -0400 Jon Callas <jon@callas.org> 
wrote:

>On the other hand, I think there *is* work still on the table, and 

>there are still people interested in doing it. 

....

>Here is an incomplete list of things that I think are still on the 

>table:

....

>* Interop cookbook. It would be desirable to have an RFC with  
>examples of OpenPGP objects as a help to implementers. This would  

>have, for example, an Alice key, a Bob key, and examples of 
>different other objects. A message encrypted to Alice and signed 
by >Bob with MDC packet, another with non-MDC; Bob's key signed by 
Alice; >and so on.

i would be interested in preparing a comprehesive collection of 
examples,

a minor issue,
is that there for some objects, there is no 'generic' OpenPGP 
object form that is identical for all OpenPGP implementations,
(there is only a more generalized form of the packet types, 
sequence, etc.)

the actual final form of the openPGP object varies somewhat with 
the implementation,
(although each implementation can work with the forms of the 
other),


an example of this,
would be a message encrypted to Alice's v4 RSA key:

in PGP,
the message block armor begins with 'qA'

in GnuPG,
the same message encrypted to the same key, 
begins with 'hQ'

it might be useful to list both variations as examples
of the discretionary leeway available to implementors,
and how they can leave little telltale signs that distinguish
their own implementations,
as long as the essentials of intercompatibility are preserved


in order to not 'overdo' the trivia,
i can start with a tentative list of the example types,
and then have people suggest either addtions or deletions from the 
list


vedaal




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485