Re: V5 key packet format requirements
nagydani@epointsystem.org (Daniel A. Nagy) Fri, 03 February 2006 17:17 UTC
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F54YI-0006iS-0n for openpgp-archive@megatron.ietf.org; Fri, 03 Feb 2006 12:17:09 -0500
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA21130 for <openpgp-archive@lists.ietf.org>; Fri, 3 Feb 2006 12:14:40 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13CYp39026187; Fri, 3 Feb 2006 04:34:51 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id k13CYpNk026186; Fri, 3 Feb 2006 04:34:51 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.epointsystem.org ([195.228.156.120]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13CYnar026179 for <ietf-openpgp@imc.org>; Fri, 3 Feb 2006 04:34:50 -0800 (PST) (envelope-from nagydani@epointsystem.org)
Received: by mail.epointsystem.org (Postfix, from userid 1001) id EC34F2B47A3; Fri, 3 Feb 2006 13:34:48 +0100 (CET)
Date: Fri, 03 Feb 2006 13:34:48 +0100
To: Adam Back <adam@cypherspace.org>
Cc: Ben Laurie <ben@algroup.co.uk>, OpenPGP <ietf-openpgp@imc.org>
Subject: Re: V5 key packet format requirements
Message-ID: <20060203123448.GA8926@epointsystem.org>
References: <20060202160713.GB18144@epointsystem.org> <43E3443D.90609@algroup.co.uk> <20060203122526.GA21898@bitchcake.off.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20060203122526.GA21898@bitchcake.off.net>
User-Agent: Mutt/1.5.6+20040907i
From: nagydani@epointsystem.org
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
On Fri, Feb 03, 2006 at 07:25:26AM -0500, Adam Back wrote: > On Fri, Feb 03, 2006 at 11:53:33AM +0000, Ben Laurie wrote: > > > > 2. Scrap encrypted private keys. We already have a symmetrically > > > encrypted container format with sufficient integrity protection, so > > > there is no reason to maintain another one. Just put the > > > unencrypted private key packet into that container, if you need > > > encryption. This will reduce the number of things to worry about > > > and make the security of OpenPGP easier to assess and maintain. > > > > Yes, please! > > What if you want different password on different keys? > > (Think eg long term signing key vs short term signing key -- no point > having separate signing keys unless have possibility to use different > password.) Then you put the two key packets in two different containers with different passphrases. And again, keep in mind that this is primarily and export-import format. -- Daniel
- V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Ben Laurie
- Re: V5 key packet format requirements Ben Laurie
- Re: V5 key packet format requirements Edwin Woudt
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Edwin Woudt
- Re: V5 key packet format requirements Ian G
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Adam Back
- Re: V5 key packet format requirements Konrad Rosenbaum
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Jon Callas