OpenPGP headers

Simon Josefsson jas at extundo.com
Wed Aug 11 08:59:50 CEST 2004


Atom 'Smasher' <atom at suspicious.org> writes:

>> OpenPGP: id=B565716F
>> OpenPGP: url=http://josefsson.org/key.txt
>> OpenPGP: id=B565716F; algo=1 (RSA); size=1280
>> OpenPGP: url=http://josefsson.org/key.txt; algo=1 (RSA); size=1280
> ===================
>
> i really like this...!
>
> one header with 4 fields, each field is optional and MAY include human 
> readable comments... so even this would be valid:
> 	OpenPGP: id=0x12345678 (DSA/1024)
> even though the algo and size cannot be parsed.
>
> or this example:
> 	OpenPGP: id=0x12345678 (This key is only used to
> 		sign things when i'm at the office)
>
> if someone feels inclined to identify their key using a short id, long id, 
> or fingerprint, all are valid.

Moving the above one step further: If the header only includes an 'id'
or 'url' value, perhaps the labels can be removed, i.e. permit for
example (as well as the above ones):

OpenPGP: http://josefsson.org/key.txt
OpenPGP: http://josefsson.org/key.txt (RSA/1280)
OpenPGP: 0xB565716F
OpenPGP: B565716F (RSA/1280)

Parsing this should be unambiguous.  If the string contains ':', then it
is a URL; if it contains [0x][0-9A-Z-z] it is a key id; if it contains
'=' it contains labels.

Perhaps this is getting too complicated to implement, even though it
makes the header nice to look at.  What do people think?

> i'll be re-reading rfc 2822, and then rewrite my draft accordingly...

As for human readable comments, you don't need to specify much, as
comments are allowed almost anywhere.

>> Btw, does 2440 specify an unambiguous value for 'size' for DSA,
>> ElGamal, etc?
> ====================
>
> not that i've found  :(

That's bad, it might make it difficult to specify the 'size' parameter
in some interoperable way.  But GnuPG prints, say, '1024D' after all,
so perhaps it is standardized.  And 2440 talks about minimum size
restrictions for RSA/DSA/ElGamal, in number of bits, so perhaps it is
specified.

Thanks,
Simon
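
The disambiguation rule discussed in this message, as an added example that is not part of the original post or of any draft: a parser for both the labelled and the label-less header forms, with RFC 2822 comments stripped first. The function names are hypothetical, and the accepted key id lengths (8, 16, 32 or 40 hex digits) are an assumption.

```python
import re

LABELS = ("id", "url", "algo", "size")           # field names used in the thread
LABELLED = re.compile(r"(?:id|url|algo|size)\s*=", re.I)
COMMENT = re.compile(r"\((?:[^()\\]|\\.)*\)", re.S)  # innermost RFC 2822 comment
KEYID = re.compile(r"(?:0x)?([0-9A-F]+)$", re.I)
KEYID_LENGTHS = {8, 16, 32, 40}  # assumption: short id, long id, v3/v4 fingerprint


def strip_comments(value):
    """Remove (possibly nested, possibly folded) comments; collapse whitespace."""
    prev = None
    while prev != value:                 # peel nested comments from the inside out
        prev, value = value, COMMENT.sub(" ", value)
    if "(" in value or ")" in value:
        raise ValueError("unbalanced comment")
    return " ".join(value.split())


def norm_id(text):
    """Validate a key id or fingerprint; return upper-case hex without '0x'."""
    m = KEYID.match(text.replace(" ", ""))
    if not m or len(m.group(1)) not in KEYID_LENGTHS:
        raise ValueError("not a key id: %r" % text)
    return m.group(1).upper()


def parse_openpgp_header(value):
    """Parse a labelled or label-less OpenPGP header value into a dict."""
    text = strip_comments(value)
    # Labelled form is detected by a known label at the start rather than by any
    # '=', so a bare URL whose query string contains '=' is still a URL.
    if LABELLED.match(text):
        fields = {}
        for part in text.split(";"):
            name, sep, val = part.partition("=")
            name = name.strip().lower()
            if not sep or name not in LABELS or name in fields:
                raise ValueError("bad field: %r" % part)   # fail closed
            fields[name] = val.strip()
        if "id" in fields:
            fields["id"] = norm_id(fields["id"])
        return fields
    if ":" in text:
        return {"url": text}
    return {"id": norm_id(text)}
```

Anything that is neither a known label, a URL nor a well-formed key id raises ValueError, so a mail client never treats an unparseable header as a key reference.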



