Encrypted MLs

Werner Koch wk at isil.d.shuttle.de
Tue Apr 28 09:54:30 CEST 1998


Fred Lindberg <lindberg at id.wustl.edu> writes:

> Theoretically, a subscriber db can be quite large. Would it be possible
> to just read a stream, generating the encrypted session-key blocks one
> at a time as the addresses are encountered in the input stream? A nice

Yes, this might make some sense.  But to do stream processing, the
message should be encrypted first and stored in a file - maybe it
is better that gpg handles this and outputs several complete messages -
to different files or with a special delimiter to stdout.

A problem is how to handle addresses which do not have enough trust
assigned; normally a user interaction is required.

> Which brings out another point: Would it be possible to derive the
> recipient userid/address from the pgp output without asking the key
> server? I assume that deriving the key id is easy, but the
> keyid->address could cause some problems.

We can use comment packets for this. The last OpenPGP draft dropped the
comment packets :-((, this is really bad.  I changed my code to use the
new comment packet number because PGP said "we never used the RFC1991
specified comment packets, so we reuse this packet type for subkeys" and
assigned a new number for comment packets which are now dropped -- This
is very annoying.  I see the need for comment packets and will continue
to support them. Ahhh, OpenPGP has nothing to do with open but with
"documenting" PGP 5 data structures - this is the behaviour of a
Redmond-based company - I DON'T LIKE IT.

  

Werner





More information about the Gnupg-devel mailing list