Re: Signature Subpacket 10?

Ian Grigg <iang@systemics.com> Thu, 30 June 2005 11:39 UTC

From: Ian Grigg <iang@systemics.com>
To: Ben Laurie <ben@algroup.co.uk>
Subject: Re: Signature Subpacket 10?
Date: Thu, 30 Jun 2005 12:16:26 +0100
Cc: Werner Koch <wk@gnupg.org>, OpenPGP <ietf-openpgp@imc.org>

On Thursday 30 June 2005 11:30, Werner Koch wrote:
> 
> On Thu, 30 Jun 2005 09:27:40 +0100, Ben Laurie said:
> 
> > I see it is reserved "for backward compatibility". I'm curious to
> > know: what's in this packet? Is it documented somewhere?
> 
>     SIGSUBPKT_ARR	   =10, /* additional recipient request */
> 
> aka additional decryption key.


A little background.  This was added by the old
PGP Inc company for commercial users so as to
escrow email.  If a key had this subpacket, you
would encrypt to that additional key as well.

The notion was that it should go
in the standard, but that was politically charged
at the time - indeed Louis Freeh stood up in
front of Congress and used this very feature as
proof that it was possible to force all crypto
programs to escrow messages for the FBI...

The compromise that was reached was that it
not be documented in the standard.  I don't
know if GPG implements it, or even if the PGP
line still includes it.  I think architecturally speaking,
such a feature is better off in the proxy products,
and layered over the top at the admin level
rather than put in the tech.  I think it is relatively
safe to ignore it.

iang
-- 
Advances in Financial Cryptography, Issue 2:
   https://www.financialcryptography.com/mt/archives/000498.html
Mark Stiegler, An Introduction to Petname Systems
Nick Szabo, Scarce Objects
Ian Grigg, Triple Entry Accounting