key sig notation data in --with-colon mode?

Marcus Brinkmann marcus.brinkmann at
Sun Oct 2 03:19:38 CEST 2005


I guess what I am trying to say in way too many words is the following:

If this whole discussion is indeed limited to subpackets, then I think
I am fine.  It doesn't really matter to me if the format is

SUBPACKET 20:3:24:%80%00%00%00%00%09%00%07MyFOO at FOOABCDEFG



One is as good as the other, they convey the very same information.
In fact, I prefer the first format as it is slightly more powerful.

If X.509 comes up with similar features, they will probably be
distinct enough to justify a different format (and name) anyway.

So, at this level, the distinction seems to be strictly syntactical.

My concern would then be the danger of the slippery slope, but that is
not a technical argument, so it's not carrying much weight.

The remainig issues I have then are simply:

* How to write arbitrary subpackets.  Currently, I have to do things
  like --sig-notation !MyFOO at FOO=ABCDEFG at the command line.

  Suggestion: How about
  --add-subpacket 20:3:24:%80%00%00%00%00%09%00%07MyFOO at FOOABCDEFG
  as a command line option?

* How to get at the subpacket data when not in keylisting, but in
  signature verification.  Currently, I only get the inferior second
  form above, without the flags. 

  Suggestion: As said before, adding a SUBPACKET status message would
  do the trick for me.


More information about the Gnupg-devel mailing list