atom at suspicious.org
Tue Aug 10 23:23:12 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 10 Aug 2004, Thomas [iso-8859-1] Sjögren wrote:
> On Tue, Aug 10, 2004 at 10:53:25AM -0400, Atom 'Smasher' wrote:
>> the id (or fingerprint) is just as important in determining the correct
>> key as the size and algo.
> dont you mean "the size and algo is just as important
> in determening the correct key as the id (or fingerprint)"?
yes, that too ;)
> however, i dont believe that is true since the way to find the correct
> way is the check the complete fingerprint. the size and algo is of no
> interested in determining the correct key:
> 1. it's isn't near unique and isn't supposed to be
> 2. people change key sizes and algo but dont change keys, take for
> example the use of subkeys.
if only a single identifier could be used to determine a particular key,
of course we'd use a fingerprint. but i think the other identifiers are
too important to toss aside.
i'm not sure what you mean about subkeys... these headers only identify
>> draft 0.1 <http://atom.smasher.org/pgp-headers/pgp-headers01.txt> allows a
>> full fingerprint to be used as a key id. it also specifies that a key id
>> SHOULD be prefixed with "0x"... the prefix aids in avoiding ambiguity.
> Since this draft is about providing "information about the senders OpenPGP key."
> I think section 1.1.1 should be different because, as stated in rfc 2440
> implementations SHOULD NOT assume that Key IDs are unique.
> Hence, to correctly identify a key you need the complete fingerprint.
the fingerprint can be used in the OpenPGP-Key header (id) and/or the
OpenPGP-Fingerprint header. this is acceptable:
OpenPGP-Key: id=0x762A3B98A3C396C9C6B7582AB88D52E4D9F57808 ;
algo=1 ; size=4096
and i should include that as an example in the draft.
taking your point a step further, though, should the fingerprint be used
as an ID in the OpenPGP-Key header (id), and then there's no need for a
OpenPGP-Fingerprint header? or... should there be separate headers for the
fingerprint, algo and size?
of these options, i sort of like using the full fingerprint in the id
field, and making that a MUST. and then the spec would consist of only two
headers, "OpenPGP-Key" and "OpenPGP-URL".
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"Television: A medium. So called because it is neither rare
nor well done."
-- Ernie Kovacs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-devel