Sat Dec 7 00:18:04 2002
On Fri, Dec 06, 2002 at 07:51:47PM +0100, Kai Raven wrote:
> Hello David,
> On Fri, 6 Dec 2002 08:01:02 -0500 you wrote:
> > Note that the OpenPGP standard doesn't like people to use any tag name
> > they like ("info" in the above example). The standard asks that
> > people who want to make up their own tags use a tag name like
> > "firstname.lastname@example.org". You can use your email address for example,
> > but the only important thing is that it has a '@' in there somewhere.
> Have read this in
> Names in the user name space consist of a UTF-8 string tag followed
> by "@" followed by a DNS domain name. Note that the tag MUST NOT
> contain an "@" character. For example, the "sample" tag used by
> Example Corporation could be "email@example.com".
> Names in a user space are owned and controlled by the owners of that
> domain. Obviously, it's of bad form to create a new name in a DNS
> space that you don't own.
> Since the user name space is in the form of an email address,
> implementers MAY wish to arrange for that address to reach a person
> who can be consulted about the use of the named tag. Note that due
> to UTF-8 encoding, not all valid user space name tags are valid
> email addresses.
> for my understanding: the name@domain syntax has something to do with
> the UTF-8 encoding or name resolution? Don't understand this
> section very well.
The idea is to prevent collisions in the limited namespace (if I make
a notation name "foo", and so does 10 other people, what happens if my
"foo" doesn't mean the same thing?). The answer is to write
firstname.lastname@example.org, which if I am the owner of example.com, means that
it's MY "foo" and not anybody elses. The note about email address is
just a side benefit - since the tag name is "email@example.com" it
becomes an email address and that address could be pointed towards
someone who can be consulted about the use of the tag.
> And what would you say is the best or general form of the 'name' part of
> the notation string for a private user? The e-mail address of the
> person, who is the holder or creator of the notation or in conjunction
> with a sig or cert policy, the holder/creator of the policy?
I'd use a modified email address. For firstname.lastname@example.org, I'd do
something like "email@example.com". That guarantees that it's
a unique tag name and also lets the user have more than one.
Still, if a tag is useful enough, I'd submit it to the IETF for
standardization so everyone can benefit.
David Shaw | firstname.lastname@example.org | WWW http://www.jabberwocky.com/
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson