notation data

Marcus Brinkmann marcus.brinkmann at
Sat Oct 1 18:14:37 CEST 2005


I implemented a "set notation data" function for GPGME.  One can set
the critical flag.  Only human-readable strings are currently allowed,
as GnuPG doesn't support any other.  For policy URLs, the
human-readable flag is of course meaningless and not set.

Here a couple of points.

1. GPGME currently does pass through the notation data unchanged.
   This means patterns are evaluated (like %k etc).  As I can convert
   a string with escape charactere transparently in GPGME, no action
   in GnuPG is required to make this behaviour optional.  But I think
   it would be convenient to have a flag that switches it off (it can
   be a pseudo flag for the notation data).

2. There is no way to pass arbitrary binary data for the notation
   name(!) and value to GnuPG.  So currently only strings are allowed.

3. There is no way to specify a notation name that starts with a '!'
   character without setting the critical flag (and I am not sure if
   "!!name at foo" will even work).  GPGME could detect this and return
   an error, but currently it doesn't.  Furthermore, if more flags are
   defined by the standard, names that used to work may start to
   trigger new behaviour unexpectedly.  I would like to see a more
   robust way to specify flags.

4. There is no way to read out the critical flag.  GnuPG should issue
   a NOTATION_FLAGS status message after NOTATION_DATA with the flags
   of the notation.

5. GnuPG automatically sets the human-readable flag.  This seems to be
   wrong to me, as RFC2440 says:

       First octet: 0x80 = human-readable. This note is text, a note
                           from one person to another, and has no
                           meaning to software.

   But we don't know if the notation is a "text, a note from one
   person to another, and has no meaning to software".  It could very
   well be something like an "X-Face", which arguably does not fit
   this definition at all.  Maybe I am misreading the standard.

   For now, I enforce the human-readable flag via the GPGME interface,
   so the user has no choice.  But this is only because GnuPG does not
   make it configurable.  I think it should be configurable.


More information about the Gnupg-devel mailing list