Policy URL
David Shaw
dshaw@jabberwocky.com
Thu Oct 4 00:30:01 2001
--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Oct 03, 2001 at 06:08:15PM -0300, rmartini@iis.com.br wrote:
> I found at the gpg an original flag "--set-policy-url".=20
> What's this?=20
> Well, I can understand this option literally...=20
> But, the RFC 2440 tell us about this:
>=20
> "5.2.3.19. Policy URL
> This subpacket contains a URL of a document that describes the policy
> that the signature was issued under."
>=20
> Someone wrote or knows a simple example of this document? The
> "Policy" above decribed means the limitation or validity of the
> signature?
The document can be whatever you like (it can even be a CGI). There is
no set format.
I presume it could be used to say things like "I checked this person's
drivers licence with a photo, and confirmed her email address was
correct. I did not check her middle name." or more simply if you use
the same URL for every signature "This is what I do before I sign:...".
David
--=20
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
--XsQoSWH+UP9D9v3l
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQEVAwUBO7uQ54ccwqs8s7QVAQGX5wf/VBbbUbbeq72FTv9aJD9N1EbdaUooH/bW
M48HOz8rqGLXDSGuB0GJJkowluPSMM7ExA4SXraDzvIIMxPPB+dtfz/iCRyVEdZh
XBSH+Hz5zoL65EfhD6oybwi0Nqs5KK9EsWnGteJMy6pQLpt12fwHs1m42JxT/XCa
LtVSHBRCVe7mgW5kzVqAsXunqbVHZqTZr8Vi8G1ZU2RSr0e/rljjJqs+1b0wrhI4
27vm1OO29PryrCU6q6H4oUxY1WF7kn79sdarx+mwdi3Bt8S+s38pTSVSp6MTrelu
eG49zK6y3OklSh8FKqSC4gs5dq7EA/K36nzdP3jLRtod/S7+gLZG2w==
=TRcz
-----END PGP SIGNATURE-----
--XsQoSWH+UP9D9v3l--