OpenPGP headers

Simon Josefsson jas at extundo.com
Wed Aug 11 12:08:37 CEST 2004 

Atom 'Smasher' <atom at suspicious.org> writes:

> http://atom.smasher.org/pgp-headers/pgp-headers02.txt
>
> past my bedtime, this is probably filled with errors.
>
> it now specifies one header (OpenPGP) with 4 name/value pairs.
>
> lemme know what ya'll think....

I believe a BNF schema describing the structure is needed, to match
how headers are described in 2822.  How about the grammar below?
Review appreciated.

I intentionally made 0x optional, and permitted a unlabeled Key ID,
fingerprint or URL.  The text will have to be synced with that change.
If people think it is a good idea, of course.

I also added a 'created' value pair.  I'm not convinced it make sense,
just like I'm not sure alg/size make sense.  'Created' contain unix
time below, matching the V3/V4 key packet 'created' value.  Perhaps
'date-time' could be used, instead of unix time, although the relative
free form of that terminal, together with time zones, might make it
overly complex.  Human readable dates can always be put into comments,
like:

OpenPGP: id=0xB565716F; created=471147111 (10 Aug 2004 22:34:51 +0000)

I think that would be more reliable.

There should probably be text pointing out that alg/size/created is
only useful for V3 keys, as per Werner's recommendation.

I don't know how to easily permit:

OpenPGP: 0424 D4EE 81A0 E3D1 19C6  F835 EDA2 1E94 B565 716F

Instead of just:

OpenPGP: 0424D4EE81A0E3D119C6F835EDA21E94B565716F

I think the first should be permitted, for readability.  If some knows
of a neat ABNF trick to get the first one, that would be good.  Of
course, ugly ABNF is simple to create for it..  This need to be fixed.

If you would accept me as co-editor, I could convert your draft into
xml2rfc format, and add the ABNF below.  The format is pretty self
explanatory, if you know HTML or general XML.  See RFC 2629 for the
full documentation.

Thanks,
Simon

Grammar for OpenPGP header.
---------------------------

This appendix contains the complete ABNF grammar for all the syntax
specified by this document.

By itself, however, this grammar is incomplete.  It refers by name to
several syntax rules that are defined by RFC 2822 and RFC 2396.
Rather than reproduce those definitions here, and risk unintentional
differences between the two, this document simply refers the reader to
RFC 2822 and RFC 2396 for the remaining definitions.

openpgp       :=  "OpenPGP:" id-or-url-value / (parameter *(";" parameter)) CRLF

id-value      := ["0x"] (4*HEXDIG / 8*HEXDIG / 32*HEXDIG / 40*HEXDIG)

url-value     := absoluteURI
                 ; Defined in RFC 2396.

id-or-url     := id-value / absoluteURI

alg-value     := *DIGIT
                 ; Value in RFC 2440 section 9.1.

size-value    := *DIGIT
                 ; Key size in bits.

created-value := *DIGIT
                 ; Correspond to four-octet number in RFC 2440 V3/V4
                 ; key packet that indicate the time the key was
                 ; created.

parameter     := ("id" "=" id-value) /
                 ("url" "=" url-value) /
                 ("alg" "=" alg-value) /
                 ("size" "=" size-value) /
                 ("created" "=" created-value)

   [RFC2234] Crocker, D., Editor, and P. Overell, "Augmented BNF for
             Syntax Specifications: ABNF", RFC 2234, November 1997.

   [RFC2396] Berners-Lee, T., R. Fielding and L. Manister, "Uniform
             Resource Identifiers (URI): Generic Syntax", RFC 2396,
             August 1998.

   [RFC2822] Resnick, P., "Internet Message Format", RFC 2822, April
             2001.

More information about the Gnupg-devel mailing list