Question about UIDs and valid email addresses

Todd Todd <Freedom_Lover@pobox.com>
Tue Jun 10 23:52:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Toxik - Fabian Rodriguez wrote:
> I am using GnuPG 1.2.1 and was wondering how can I add a uid with an email
> with this structure: <protocol:name@domain.org>
>
> I wanted to add my Jabber ID in the same way PGP added my ICQ no. to my
> key (several years ago) but GnuPG complains it's not a valid email
> address.

I would have thought that using the allow-freeform-uid option would let you
do this, but trying it proves that wrong.  It looks like in g10/keygen.c,
only the "Real Name" portion of the user id is affected by that option.  The
email address and comment are still both subjected to some testing.

If you only want to do this personally, you can, as you probably know, just
patch the source and recompile.  Copying from the name code block just
above, something like this would disable checking (this is against 1.2.2 and
I haven't recompiled to test this):

- --- keygen.c~	Wed Apr  9 10:58:01 2003
+++ keygen.c	Tue Jun 10 17:43:58 2003
@@ -1266,6 +1266,10 @@
 		amail = cpr_get("keygen.email",_("Email address: "));
 		trim_spaces(amail);
 		cpr_kill_prompt();
+
+		if( opt.allow_freeform_uid )
+		    break;
+
 		if( !*amail )
 		    break;   /* no email address is okay */
 		else if( has_invalid_email_chars(amail)
@@ -1285,6 +1289,10 @@
 		acomment = cpr_get("keygen.comment",_("Comment: "));
 		trim_spaces(acomment);
 		cpr_kill_prompt();
+
+		if( opt.allow_freeform_uid )
+		    break;
+
 		if( !*acomment )
 		    break;   /* no comment is okay */
 		else if( strpbrk( acomment, "()" ) )

Whether it's a good idea to do that or not isn't something I'm qualified to
answer.  But it does seem inconsistent to enforce rules even when you have
allow-freeform-uid set.  The manpage says:

    --allow-freeform-uid
              Disable  all  checks  on  the  form  of the user ID while
              generating a new one.  This option should only be used in
              very special environments as it does not ensure the de-
              facto standard format of user IDs.

Either allow-freeform-uid should disable all checking on the format of the
user id or the manpage should be updated to reflect it's current operation,
IMHO.

- -- 
Todd              OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
============================================================================
Before all else, be armed.
    -- Machiavelli

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE+5lM3uv+09NZUB1oRAg2nAKCPoldaN+mTzRnFBDvkMzaDHl9hJgCfbMms
Rjo53XLzUKmwRfBg8TsZOvY=
=TyYu
-----END PGP SIGNATURE-----