Re: V5 key packet format requirements
Konrad Rosenbaum <konrad@silmor.de> Fri, 03 February 2006 18:33 UTC
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F55jx-00073w-C1 for openpgp-archive@megatron.ietf.org; Fri, 03 Feb 2006 13:33:01 -0500
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA27201 for <openpgp-archive@lists.ietf.org>; Fri, 3 Feb 2006 13:31:20 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13ICN73073364; Fri, 3 Feb 2006 10:12:23 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id k13ICNB4073363; Fri, 3 Feb 2006 10:12:23 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from p15139323.pureserver.info (silmor.de [217.160.219.75]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13ICMWd073348 for <ietf-openpgp@imc.org>; Fri, 3 Feb 2006 10:12:22 -0800 (PST) (envelope-from konrad@silmor.de)
Received: from p54b3e320.dip.t-dialin.net ([84.179.227.32] helo=zaphod.local) by p15139323.pureserver.info with asmtp (Exim 3.35 #1 (Debian)) id 1F55Pt-0005zZ-00 for <ietf-openpgp@imc.org>; Fri, 03 Feb 2006 19:12:17 +0100
From: Konrad Rosenbaum <konrad@silmor.de>
To: OpenPGP <ietf-openpgp@imc.org>
Subject: Re: V5 key packet format requirements
Date: Fri, 03 Feb 2006 19:09:06 +0100
User-Agent: KMail/1.9
References: <20060202160713.GB18144@epointsystem.org> <43E3443D.90609@algroup.co.uk> <43E3882C.8060607@systemics.com>
In-Reply-To: <43E3882C.8060607@systemics.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart29217556.MGzNFWOI5t"; protocol="application/pgp-signature"; micalg="pgp-sha1"
Content-Transfer-Encoding: 7bit
Message-Id: <200602031909.10133@zaphod.konrad.silmor.de>
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
On Friday 03 February 2006 17:43, Ian G wrote: > Ben Laurie wrote: > > This could be confusing - documents that were signed with a key > > specified like this could retroactively find themselves predating the > > key. > > Why is this important? The date on the key is > just "there" and isn't of such strength that it > should be stressed overly much. Consequently one would also need to scrap the logic that a signature is invalid if it predates the key (that's somewhere in RFC2440). Why not: hash the _complete_ public key packet _as_is_ without any modifications? The computational load of hashing a few bytes more and of slicing them first should be about identical. It is very easy to implement (read as: less potential security holes through programming mistakes and higher interoperability). It is much more resistant against upcoming attacks than a selective model. Konrad
- V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Ben Laurie
- Re: V5 key packet format requirements Ben Laurie
- Re: V5 key packet format requirements Edwin Woudt
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Edwin Woudt
- Re: V5 key packet format requirements Ian G
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Adam Back
- Re: V5 key packet format requirements Konrad Rosenbaum
- Re: V5 key packet format requirements Daniel A. Nagy
- Re: V5 key packet format requirements Jon Callas