Storing keys and signatures as sexps

Werner Koch wk at
Mon Jan 20 11:35:32 CET 2014

On Sat, 21 Dec 2013 21:24, ludo at said:
> For the purposes of signing package binaries exported from Guix, I am
> considering storing both key pairs and signatures using the sexp
> ‘advanced’ external representation [0].

Nice.  Slowly the SPKI data structures get some notice.

> AFAICS the format is generic, stable, and not libgcrypt-specific, so
> this looks like a reasonable choice.

I tried to model it along SPKI but there are for sure some Libgcrypt
specific details.  LSH also uses (still?) S-expression.

> Nevertheless, is there anything you would caution about?

If you want to hash the material you need to convert it to canonical
format first - but that is easy.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list