--raw-sign, --raw-verify

Anthony Carrico acarrico at memebeam.org
Mon Apr 10 01:14:52 CEST 2006 

On Sun, Apr 09, 2006 at 05:08:49PM -0400, David Shaw wrote:
> My concern is not about doing this with OpenPGP keys or not.  I think
> that's a fine idea.  My concern is doing this in GnuPG, specifically.
> These signatures would not be OpenPGP signatures.

Understood. I'm glad to read that you aren't concerned about the
premise of sharing the key infrastructure. I see three options (is
there a fourth?):

1. Add raw sign and verify to GnuPG.
2. Maintain applications with parallel key and trust databases.

To me, this seems extremely unkind to users, and implies duplicate
code.

3. Maintain applications with parallel code accessing the same key and
trust databases.

Again, duplicate code, and dangerous if the shared interface isn't
well known and respected.

> We have seen in the past few months two different signature flaws in
> GnuPG, in part caused by lenient parsing of signature data.  I
> question whether GnuPG, an OpenPGP tool, should grow the capability of
> making and issuing non-OpenPGP signatures in a non-standard way.

> My argument is against accepting this feature into the main GnuPG
> code base where it would need to be maintained for all,
...

An understandable concern. The GnuPG community doesn't want or deserve
an ill-conceived new feature. I will try to make my case a little more
solid:

I do NOT propose that GnuPG support or maintain non-OpenPGP protocols
natively. I am trying to forge a secure, minimal path for third party
applications to implement such protocols independently, while sharing
a common OpenPGP key infrastructure with GnuPG.

I do propose that GnuPG allow access to standard signature algorithms
(RSA, DSA) which are already maintained. Please note that there is
precedent in GnuPG for raw access to algorithmic building blocks (the
random number generators and raw message digest algorithms).

> ... but used by very few.

My proposal is a pretty small task, and yet it opens the door to share
GnuPG's key infrastructure with other protocols. Are you sure that it
would only be useful to very few?

And finally, there is the possibility to just go ahead and use OpenPGP
packet syntax in all applications. Hopefully it is obvious that this
isn't always possible.

-- 
Anthony Carrico
http://giftfile.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20060409/946f9003/attachment.pgp

More information about the Gnupg-devel mailing list