How about "--with-packet-data" instead?

Michael Young mwy-gpg41 at
Sat Feb 1 08:02:02 CET 2003

Hash: SHA1

> From: Werner Koch <wk at>
> On Mon, 20 Jan 2003 17:54:42 -0500, Michael Young said:
> > The "--with-key-data" switch only dumps the MPIs, and that's
> > not nearly enough for my needs.
> > A "--with-packet-data" switch might be even more useful for
> > scripting.  What do others think... would this be better?
> That would expose details of the OpenPGP protocol; GnuPG is supposed
> to hide this.

This seems like a pretty thin distinction that isn't always followed now.

The "--with-key-data" switch exposes some internals, too.  I can't say
for sure, but I'd guess that this switch was offered to allow useful
analysis (e.g., statistics on public keyrings), or to convert keys for
use with another program.  The latter is exactly what I'd like to do
with a "--with-packet-data" switch; exposing the packets allows easy
reassembly into something that other OpenPGP applications can use.

Exporting a key already exposes the OpenPGP data.  The only
new detail that this switch would be exposing is the packet
boundaries.  The existence of packets is hardly a secret.

Further, GnuPG provides all sorts of protocol-oriented options:
choice of cipher, hash, compression, and even string-to-key
algorithms; showing session keys; control over interoperability
behavior.  GnuPG allows these aspects of the protocol to
show through because users want to see them.  Exposing
packet boundaries doesn't seem like much of a stretch, if any.

So, let me ask a more pointed question: if I were to implement
this switch, would you accept this option, or would you reject it?

Version: PGP Personal Privacy 6.5.3


More information about the Gnupg-devel mailing list