key sig notation data in --with-colon mode?

Werner Koch wk at gnupg.org
Tue Oct 4 08:53:59 CEST 2005


On Sun, 02 Oct 2005 03:00:50 +0200, Marcus Brinkmann said:

> Actually, I am not really ambitious about this.  But it seems to me
> that a decision to only import/export the raw subpacket data is
> quite a deviation from the "design contract" that GPGME has with
> GnuPG.  I am not sure that is really intentional, maybe Werner can
> clarify this.

Please recall that the aim of gpgme is not to be an all-purpose crypto
library but to provide a mostly protocol neutral interface for
encryption and signing of email and data.  As such we have to take
care whether a certain feature is really required.  I discussed the
notation thing with Marcus a few days ago and the basic reasons why we
came up with it are:

 * To support the PKA feature (connecting keys to DNS).

 * CMS and OpenPGP both provide features one might want to call
   notation data.  Thus we can conclude that this is a common property
   of encryption protocols.

> of way.  And starting to put RFC2440 parser logic into GPGME when we
> have come such a long way without it seems a major deviation to me,

We had the design goal that GPGME should not be aware of OpenPGP
internals.  Let's avoid creating another airport[1].


Salam-Shalom,

   Werner



[1] "The code is the crypto equivalent of Heathrow Airport."
                                           - Peter Gutmann



