Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Leif Johansson <> Sun, 07 August 2011 09:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3197021F8588 for <>; Sun, 7 Aug 2011 02:59:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aDUrlZXaWErJ for <>; Sun, 7 Aug 2011 02:59:06 -0700 (PDT)
Received: from ( [IPv6:2001:948:4:1::66]) by (Postfix) with ESMTP id 35FBD21F8511 for <>; Sun, 7 Aug 2011 02:59:02 -0700 (PDT)
Received: from [] ( []) (authenticated bits=0) by (8.14.3/8.14.3) with ESMTP id p779xIDV014015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 7 Aug 2011 11:59:21 +0200 (CEST)
Message-ID: <>
Date: Sun, 07 Aug 2011 11:59:18 +0200
From: Leif Johansson <>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20110617 Lightning/1.0b2 Thunderbird/3.1.11
MIME-Version: 1.0
To: Joe Hildebrand <>
References: <>
In-Reply-To: <>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: "" <>
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 07 Aug 2011 09:59:07 -0000

Hash: SHA1

On 08/06/2011 07:30 PM, Joe Hildebrand wrote:
> On 8/6/11 7:43 AM, "Leif Johansson" <> wrote:
>> So in that case I still support having the spec explain (very carefully)
>> how you do "raw keys" - i.e keys with no intrinsic semantics - and then
>> also adding the cryptographers caveat to that.
> To be clear, when I was talking about raw keys, I didn't mean keys with no
> intrinsic semantics.  I just meant something along the lines of PKCS1; a
> modulus, an exponent, some algorithm info, and that's about it (I'd be ok
> with defining private keys in the same format as well).  It would have
> defined semantic, it just wouldn't be tied to an identity.

OK that was more or less what I was trying to say aswell.

> A definite goal for me that is NOT met by PKCS1 however, is to *limit* the
> choices and extensibility in certain directions to reduce the overall
> complexity.
> Of course, once you've got primitives for sign and encrypt and you've got a
> key format, doing something like PKIX is possible.  Perhaps we could sketch
> that out as potential follow-on work in the charter, so we can make progress
> on some of the shorter-term stuff first?


	Cheers Leif
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -