Suggestion for OpenPGP standard update
Wiktor Kwapisiewicz
wiktor at metacode.biz
Wed Nov 1 21:28:07 CET 2023
Hi Jeff,
I think a more appropriate venue for this type of discussion would be the OpenPGP Mailing List. See https://www.ietf.org/mailman/listinfo/openpgp
Kind regards,
Wiktor
>Hello,
>
> I was thinking, it's time for the OpenPGP standard to be updated with a shorter form for the parts of inline messages that indicate a message is signed and/or encrypted, to make it more useful for signing and/or encrypting messages on services that limit the number of chars per message. For example, a lot of Mastodon instances of the ActivityPub Fediverse, limit message length to 500 chars. It's a lot to give up a large fraction of the message char length for the following openpgp bits:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA512
>-----BEGIN PGP SIGNATURE-----
>-----END PGP SIGNATURE-----
>
>That's 108 characters just for OpenPGP. If that could be abbreviated, that would save some precious chars for people's actual messages. I realize that gnupg devels don't own the standard, but have to simply implement the standard, but I thought you all might be in a position to advocate such a change with whoever maintains the standard.
>
>So, for example, maybe something like:
>
>--BPSM--
>H: SHA512
>--BPSG--
>--EPSG--
>
>Which reduces the total char count down to 39 chars (of course, not counting the actual encrypted hash) at least with SHA512 as the hash - of course, it would be variable length because the hash abbreviation might be longer or shorter for other hashes.
>
>Sorry if this has been previously discussed on the mailing list - the list server does not provide a search function, and I couldn't find this in the gnupg FAQ, or doing a web search for "shorter pgp signature".
>
>It does occur to me another approach would be to attach signatures to such posts as an .asc file or .sig file, but as that may not always be an available solution for everyone, it really seems like shortening the openpgp inline text delimiters could be helpful in a lot of cases.
>
More information about the Gnupg-devel
mailing list