SHA3 IANA registration - method?

Werner Koch wk at gnupg.org
Mon Apr 29 13:52:29 CEST 2013


On Mon, 29 Apr 2013 02:34, philcerf at googlemail.com said:

> 1) much more property fields that describe the key holder

I don't want the whole X.509 mess introduced in a protocol we tried to
keep clean for real use.

> 2) The UID should no longer be the name but rather a string which
> semi-uniqly identifies the key in the realm where it will be used,

Please read 5.11:

   A User ID packet consists of UTF-8 text that is intended to represent
   the name and email address of the key holder.  By convention, it
   includes an RFC 2822 [RFC2822] mail name-addr, but there are no
   restrictions on its content.  The packet length in the header
   specifies the length of the User ID.

There is nothing which enforces how you represet the name, you may put
arbitrary data into the UID.  However, it is common to use a mail
address and thus GnuPG (by default) checks for that.

> 3) IMHO, everything should be tightened up a bit, e.g. things like the
> critical-flag should become the default and rather a non-critical flag
> should be introduced. Unknown sig subpackets should be generally

Why should we change somthing which has not shown problems in the
past.  If you want X.509, use X.509 for example with gpgsm.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list