subkey binding signature with no usage flags and/or a critical notation

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Mar 15 18:13:50 CET 2013


On 03/15/2013 10:52 AM, Werner Koch wrote:

> What about this untested patch against master:

I just tested it against 1.4.12, and it works for me:

0 dkg at alice:~/src/gnupg/usage-tests$ gpg --list-keys
tru::1:1362476341:1365068202:3:1:5
pub:u:1024:1:F848882DC9A3FA35:1362476202:1365068202::u:::scSCA:
uid:u::::1362476202::8A8AA0A65B6EC7E3D344786B37602CE3D91C1642::test key
with dsa subkey:
sub:u:1024:17:39476078BD60397C:1362476412:1365068412:::::a:
sub:u:512:17:24940DE048B80074:1362695370:1365287370:::::sca:
sub:u:768:17:867E55E65BA8B581:1363119647:1363724447::::::
0 dkg at alice:~/src/gnupg/usage-tests$

thanks!  one minor note below:

> diff --git a/include/cipher.h b/include/cipher.h
> index 191e197..557ab70 100644
> --- a/include/cipher.h
> +++ b/include/cipher.h
> @@ -54,9 +54,14 @@
>  
>  #define PUBKEY_USAGE_SIG     GCRY_PK_USAGE_SIGN  /* Good for signatures. */
>  #define PUBKEY_USAGE_ENC     GCRY_PK_USAGE_ENCR  /* Good for encryption. */
> -#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys. */
> +#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys.*/

^^ this whitespace change in the comments doesn't seem to be relevant or
necessary to me.

Do you think it's worth applying the small changeset i suggested earlier
that allows creation of all-zero usage flag subpacket as well, or is
that something that we should treat separately?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130315/d37e0cf6/attachment.sig>


More information about the Gnupg-devel mailing list