Prototyping OpenPGP extensions/signing arbitrary packets

Werner Koch wk at gnupg.org
Sat Apr 5 14:42:22 CEST 2014


On Sat,  5 Apr 2014 03:33, pete at petertodd.org said:

> I mean RFC4880 5.12. User Attribute Packet (Tag 17). 

Actually they are not really useful in real life.  Well, there is the
photo id but that's all.  No software will be able to handle your new
user attribute packet.

> I don't think signature notations are really the right meaning here. In
> the case of a Bitcoin address I don't see any reason why the address
> should be conceptually tied to a specific user-id. Secondly it's

Because that make it immediately useful.  Put something like 

  "Bitcoin NNNNNNNNNNNNNN"

into a user id and flag that user id with a new notation holding the
actual Bitcoin key.  Or just set a notation referring to subkey usable
for Bitcoin.  The keyservers will be able to serve that other software
won't ignore such a new packet.

> perfectly reasonable to want to revoke a specific bitcoin address,
> perhaps because it's not longer used or compromised, similar to how you
> might want to revoke a user ID. Notations on signatures conflate a few

You get that all for free by using a normal user id.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list