IETF Logo Mail Archive

Re: Signature calculation language

David Shaw <dshaw@jabberwocky.com> Tue, 11 October 2005 21:13 UTC

Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EPRRE-00020Z-OB for openpgp-archive@megatron.ietf.org; Tue, 11 Oct 2005 17:13:32 -0400
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA04502 for <openpgp-archive@lists.ietf.org>; Tue, 11 Oct 2005 17:13:29 -0400 (EDT)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j9BL3m5A032909; Tue, 11 Oct 2005 14:03:48 -0700 (PDT) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j9BL3mYY032908; Tue, 11 Oct 2005 14:03:48 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from rwcrmhc12.comcast.net (rwcrmhc13.comcast.net [216.148.227.118]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j9BL3mnG032893 for <ietf-openpgp@imc.org>; Tue, 11 Oct 2005 14:03:48 -0700 (PDT) (envelope-from dshaw@jabberwocky.com)
Received: from walrus.hsd1.ma.comcast.net ([24.60.132.70]) by comcast.net (rwcrmhc13) with ESMTP id <2005101121034201500b72oqe>; Tue, 11 Oct 2005 21:03:42 +0000
Received: from grover.jabberwocky.com (grover.jabberwocky.com [172.24.84.28]) by walrus.hsd1.ma.comcast.net (8.12.8/8.12.8) with ESMTP id j9BL3l0m004690 for <ietf-openpgp@imc.org>; Tue, 11 Oct 2005 17:03:47 -0400
Received: from grover.jabberwocky.com (grover.jabberwocky.com [127.0.0.1]) by grover.jabberwocky.com (8.13.1/8.13.1) with ESMTP id j9BL3dkV004804 for <ietf-openpgp@imc.org>; Tue, 11 Oct 2005 17:03:39 -0400
Received: (from dshaw@localhost) by grover.jabberwocky.com (8.13.1/8.13.1/Submit) id j9BL3doo004803 for ietf-openpgp@imc.org; Tue, 11 Oct 2005 17:03:39 -0400
Date: Tue, 11 Oct 2005 17:03:39 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: ietf-openpgp@imc.org
Subject: Re: Signature calculation language
Message-ID: <20051011210339.GA4382@jabberwocky.com>
Mail-Followup-To: ietf-openpgp@imc.org
References: <20051005211158.EEB1457EF9@finney.org> <AEB5B24B-A49E-40F7-8BA3-6B5BB475EBFB@callas.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AEB5B24B-A49E-40F7-8BA3-6B5BB475EBFB@callas.org>
OpenPGP: id=99242560; url=http://www.jabberwocky.com/david/keys.asc
User-Agent: Mutt/1.5.8i
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

On Tue, Oct 11, 2005 at 01:44:53PM -0700, Jon Callas wrote:
> On 5 Oct 2005, at 2:11 PM, Hal Finney wrote:

> >    0x18: Subkey Binding Signature
> >        This signature is a statement by the top-level signing key  
> >that
> >        indicates that it owns the subkey. This signature is  
> >calculated
> >        directly on the subkey itself, not on any User ID or other
> >        packets. A signature that binds a signing subkey also has an
> >        embedded signature subpacket in this binding signature which
> >        contains a 0x19 signature made by the signing subkey on the
> >        primary key.
> >
> >The signature is actually calculated over both the primary key and
> >subkey packets, although here it says it is not calcualted over any
> >other packets.
> >
> >(A separate issue is that the last sentence here should have a SHOULD:
> >"A signature that binds a signing subkey SHOULD have an embedded...")
> >
> 
> Done.

Wondering - should the embedded 0x19 signature be a MUST?  Lacking a
0x19 allows the signing subkey to be "stolen" onto another primary
key.

David

v2.23.0 | Report a Bug | By Email