Re: including the entire fingerprint of the issuer in an OpenPGP certification
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 19 January 2011 06:14 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0J6E9Q6077245 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 18 Jan 2011 23:14:09 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p0J6E9Yr077244; Tue, 18 Jan 2011 23:14:09 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0J6E854077237 for <ietf-openpgp@imc.org>; Tue, 18 Jan 2011 23:14:09 -0700 (MST) (envelope-from dkg@fifthhorseman.net)
Received: from [192.168.13.75] (lair.fifthhorseman.net [216.254.116.241]) by che.mayfirst.org (Postfix) with ESMTPSA id 999E2F987 for <ietf-openpgp@imc.org>; Wed, 19 Jan 2011 01:14:07 -0500 (EST)
Message-ID: <4D36812A.9050601@fifthhorseman.net>
Date: Wed, 19 Jan 2011 01:14:02 -0500
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Reply-To: IETF OpenPGP Working Group <ietf-openpgp@imc.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101213 Icedove/3.1.7
MIME-Version: 1.0
To: IETF OpenPGP Working Group <ietf-openpgp@imc.org>
Subject: Re: including the entire fingerprint of the issuer in an OpenPGP certification
References: <E1Pf1WI-0007aL-EN@login01.fos.auckland.ac.nz> <CFCF61BD-9281-4F09-AD31-C5AAC38315FE@callas.org> <4D354A08.1010206@iang.org> <87lj2isgm8.fsf@vigenere.g10code.de> <58216C60-3DFD-4312-B514-19243ED4220A@callas.org> <4D36010A.30205@fifthhorseman.net> <E8F060EE-48E5-4F92-8285-B5897A8F4950@jabberwocky.com> <4D3611C1.5050706@fifthhorseman.net> <05AB0704-53F0-4969-B0CA-DAC501D8CC40@jabberwocky.com>
In-Reply-To: <05AB0704-53F0-4969-B0CA-DAC501D8CC40@jabberwocky.com>
X-Enigmail-Version: 1.1.2
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="------------enigE97A4F6D31F833C305E17C3F"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
On 01/18/2011 05:43 PM, David Shaw wrote: > No, this would be another use of the existing public/secret key version registry. We already have a registry that covers key versions. [...] > Sorry - I wasn't clear enough. Rather than using a notation, I was saying that if that we should define a "true" subpacket (not a notation) > for this, but define the subpacket in a flexible enough way that we won't be throwing the subpacket away (or having to maintain it just for V4) when V5 comes. ok, i understand what you're saying. I'm game for either approach. Here's a proposal: i'll start with an issuer-fpr@... notation that will use the exact value (version byte, fpr) that we expect to be the content of the new subpacket type, demonstrate it, and then use that experience to draft an update to RFC 4880 and apply for a new subpacket allocation if it seems to make sense. Is it kosher to use a notation this way instead of using an explicitly experimental subpacket type? --dkg
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… Avi
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Peter Pentchev
- Re: including the entire fingerprint of the issue… Avi
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… Werner Koch
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Peter Gutmann
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… Werner Koch
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Peter Gutmann
- Re: including the entire fingerprint of the issue… Jon Callas
- including the entire fingerprint of the issuer in… Daniel Kahn Gillmor