Policy URL

David Shaw dshaw@jabberwocky.com
Thu Oct 4 00:30:01 2001


--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Oct 03, 2001 at 06:08:15PM -0300, rmartini@iis.com.br wrote:

> I found at the gpg an original flag "--set-policy-url".=20
> What's this?=20
> Well, I can understand this option literally...=20
> But, the RFC 2440 tell us about this:
>=20
> "5.2.3.19. Policy URL
> This subpacket contains a URL of a document that describes the policy
> that the signature was issued under."
>=20
> Someone wrote or knows a simple example of this document? The
> "Policy" above decribed means the limitation or validity of the
> signature?
The document can be whatever you like (it can even be a CGI). There is no set format. I presume it could be used to say things like "I checked this person's drivers licence with a photo, and confirmed her email address was correct. I did not check her middle name." or more simply if you use the same URL for every signature "This is what I do before I sign:...". David --=20 David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +--------------------------------------------------------------------------= -+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iQEVAwUBO7uQ54ccwqs8s7QVAQGX5wf/VBbbUbbeq72FTv9aJD9N1EbdaUooH/bW M48HOz8rqGLXDSGuB0GJJkowluPSMM7ExA4SXraDzvIIMxPPB+dtfz/iCRyVEdZh XBSH+Hz5zoL65EfhD6oybwi0Nqs5KK9EsWnGteJMy6pQLpt12fwHs1m42JxT/XCa LtVSHBRCVe7mgW5kzVqAsXunqbVHZqTZr8Vi8G1ZU2RSr0e/rljjJqs+1b0wrhI4 27vm1OO29PryrCU6q6H4oUxY1WF7kn79sdarx+mwdi3Bt8S+s38pTSVSp6MTrelu eG49zK6y3OklSh8FKqSC4gs5dq7EA/K36nzdP3jLRtod/S7+gLZG2w== =TRcz -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l--