OpenPGP SMTP headers
David Shaw
dshaw at jabberwocky.com
Tue May 18 22:41:32 CEST 2004
On Tue, May 18, 2004 at 04:31:23PM -0400, Jeffrey Stedfast wrote:
> On Tue, 2004-05-18 at 16:21 -0400, David Shaw wrote:
> > > On Tue, 2004-05-18 at 16:13 -0400, David Shaw wrote:
> > > > On Tue, May 18, 2004 at 03:55:12PM -0400, Atom 'Smasher' wrote:
> > > > > would it be within the scope of RFC 2440 to recommend SMTP headers related
> > > > > to pgp keys? such as:
> > > > >
> > > > > X-OpenPGP-KeyID: 0xB88D52E4D9F57808 (4096-RSA)
> > > > > X-OpenPGP-Fingerprint: 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
> > > > > X-OpenPGP-URL: http://smasher.suspicious.org/pgp.txt
> > > >
> > > > This is really a question for the IETF OpenPGP list, but the answer
> > > > (for me, anyway) is 'no'. 2440bis is mainly a data format document.
> > > >
> > > > That isn't to say that you can't make a RFC for such a thing. Just
> > > > that 2440bis isn't the one to use.
> >
> > On Tue, May 18, 2004 at 04:15:50PM -0400, Jeffrey Stedfast wrote:
> > > You should be using PGP/MIME anyway. Death to "inline pgp" for MIME
> > > messages.
> >
> > ?
> >
> > The original post was in regards to headers to say "this is my key and
> > here is how to get it". It has nothing to do with the use of PGP/MIME
> > or not.
>
> why not just application/pgp-keys mime part attachment?
Because again, that isn't what was being asked for. An
application/pgp-keys attachment is the key itself. That's great if
someone wants to include their entire key along with every message,
but most people don't want to do that.
A header says "you can download my key from here if you want it".
application/pgp-keys says "here is my key. Take it."
You could do the same thing in an attachment if someone wanted to
define some new attachment type that was (for example) the URL of a
key. In practice, most people use some variation of x-pgp-fingerprint
or the like.
David
More information about the Gnupg-devel
mailing list