Keyrings for websites
Werner Koch
wk at gnupg.org
Thu Feb 8 20:44:00 CET 2007
On Thu, 8 Feb 2007 20:10, hawke at hawkesnest.net said:
> wish that UIDs were more of a key/value system (one key/value pair per
You may use notations for this. They are however stored with the
self-signature, so some care needs to be taken.
If you need something similar to the user ID, use the User Attribute
Packet (Tag 17). It is currently only used for the photo ID but it
may be extended. From the latest OpenPGP I-D:

   The User Attribute packet is a variation of the User ID packet. It
   is capable of storing more types of data than the User ID packet
   which is limited to text. Like the User ID packet, a User Attribute
   packet may be certified by the key owner ("self-signed") or any
   other key owner who cares to certify it. Except as noted, a User
   Attribute packet may be used anywhere that a User ID packet may be
   used.

   While User Attribute packets are not a required part of the OpenPGP
   standard, implementations SHOULD provide at least enough
   compatibility to properly handle a certification signature on the
   User Attribute packet. A simple way to do this is by treating the
   User Attribute packet as a User ID packet with opaque contents, but
   an implementation may use any method desired.

   The User Attribute packet is made up of one or more attribute
   subpackets. Each subpacket consists of a subpacket header and a
   body. The header consists of:

    - the subpacket length (1, 2, or 5 octets)

    - the subpacket type (1 octet)

   and is followed by the subpacket specific data.

   The only currently defined subpacket type is 1, signifying an image.
   An implementation SHOULD ignore any subpacket of a type that it does
   not recognize. Subpacket types 100 through 110 are reserved for
   private or experimental use.

Salam-Shalom,
Werner
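
Added example (not part of the original message and not GnuPG code): a bounds-checked Python parser for the subpacket layout quoted above. It assumes the 1-, 2- or 5-octet length uses the signature-subpacket encoding of RFC 4880 section 5.2.3.1 and that the length counts the type octet; the function names and the sample bytes are constructed for illustration.

```python
"""Added example: split a User Attribute packet body into subpackets."""
import struct

IMAGE = 1                      # only subpacket type defined in the quoted draft
PRIVATE = range(100, 111)      # 100 through 110: private or experimental use


def read_length(buf, pos):
    """Decode a 1-, 2- or 5-octet subpacket length; return (length, new_pos)."""
    if pos >= len(buf):
        raise ValueError("truncated length field")
    first = buf[pos]
    if first < 192:                                   # 1-octet form
        return first, pos + 1
    if first < 255:                                   # 2-octet form
        if pos + 2 > len(buf):
            raise ValueError("truncated 2-octet length")
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    if pos + 5 > len(buf):                            # 5-octet form
        raise ValueError("truncated 5-octet length")
    return struct.unpack(">I", buf[pos + 1:pos + 5])[0], pos + 5


def parse_user_attribute(body):
    """Return [(type, data, status)] for each subpacket in the packet body."""
    out, pos = [], 0
    while pos < len(body):
        length, pos = read_length(body, pos)
        # The length counts the type octet, so zero is malformed, and a
        # length running past the packet body must be rejected, not trusted.
        if length == 0 or pos + length > len(body):
            raise ValueError("invalid subpacket length")
        stype, data = body[pos], body[pos + 1:pos + length]
        pos += length
        if stype == IMAGE:
            status = "image"
        elif stype in PRIVATE:
            status = "private/experimental"
        else:
            status = "ignored"        # unrecognized types SHOULD be ignored
        out.append((stype, data, status))
    return out


# Constructed sample body: an image subpacket with placeholder bytes, an
# unknown type 42, and a type 100 subpacket long enough for the 2-octet form.
SAMPLE = (bytes([4, 1]) + b"IMG" + bytes([2, 42]) + b"x"
          + bytes([192, 9, 100]) + b"p" * 200)
```

Calling parse_user_attribute(SAMPLE) returns three entries; a body whose declared length runs past the end of the packet raises ValueError instead of being read.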