Changing "main" user ID

David Shaw dshaw@jabberwocky.com
Fri Sep 13 20:59:01 2002


On Fri, Sep 13, 2002 at 08:26:23PM +0200, Mark Kirchner wrote:
> On Friday, September 13, 2002, 7:55:30 PM, David wrote:
> > On Fri, Sep 13, 2002 at 06:38:49PM +0200, Mark Kirchner wrote:
> >> [snip]
> >> I assume that the "main id" has no particular relevance (for the key /
> >> encryption / security) so that changing it would just be a cosmetical
> >> thing. Am I missing something?
> >
> > It is just a cosmetic change, but you are not permitted to make the
> > change for keys you do not own.
> 
> Uh, yes I got that already :-)
> 
> > Only the key owner can decide how their key is displayed.
> 
> I hope you don't mind me asking, but: Says who? Of course, the
> programmers do, but: Is there a special reason behind it, is it in the
> OpenPGP-Standard? Which would lead to the next question: Why is it in
> there?

Actually, it isn't in there.  The standard is really mostly a
'on-the-wire' spec.  It often says little or nothing about
interpretation.  There is nothing in the spec to prevent such a thing.
An easy way to do it would be to add the primary uid indicator to the
unhashed area of the self-signature.  Of course, if you are doing
something local then you can do whatever you want.

> Call me old-fashioned, but: All the necessary data is there, the data
> is public (at least it's from the "public" key) and gpg runs on _my_
> machine, so IMHO _I_ should be the one to decide how the data is
> /displayed/. (Of course, within reasonable limits.)
> I don't want to change someone else public key, I don't want to add to
> or remove something from it, it's just a matter of how it's displayed
> on my machine. (At least I interpreted your "cosmetic change" that
> way.)

That's the problem here... what happens after you export the key to
give to a friend?  Should GnuPG strip the primary uid subpacket that
you added?  How does it know that it was one that you added and not
someone else?  Should it strip unhashed primary uid subpackets when
importing keys?  Why or why not?

There are sometimes very good reasons for adding unhashed data to
self-signatures on keys you don't own (to add a MDC flag for example).
In this case, it opens up a whole lot of potentially dangerous
questions for something that is, after all, cosmetic.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson