New crypto idea implemented in gpg

David Shaw
Thu Mar 13 03:31:01 2003

On Tue, Mar 11, 2003 at 03:08:14PM -0500, Brent R. Waters wrote:
> Hi,
> I took Werner's suggestion and moved the Incomparable Public Key algorithm
> to #106 instead of #39. There has also been a suggestion that I should
> make my code be able to produce Incomparable Public Keys in such a way
> that they can be used in standard GPG (presumably they could become
> something like ElGamal encrypt-only keys). While this is an intriguing idea
> I think for now I will shy away from it. In addition to possible coding
> nuances I am concerned about interfering with the OpenPGP standards in
> some way (I already managed to do that with my initial choice of the
> algorithm number).
> If people are interested in trying out this idea they can use
> the code that I put up. (My code should be able to handle the other
> OpenPGP stuff also, although since it is a test version it is probably
> best to separate the two.) Werner has informed me that if the idea works
> well there is a decent chance it might become incorporated into the
> standard at some time in the future. So it looks like there is a chance
> that it could become part of OpenPGP in a clean way.

One of the things that harms OpenPGP compatibility of this is the lack
of a self-signature on the user ID.  There is no particular problem
with the user ID being fake, but the lack of a self-sig hurts (in
practice, even though the OpenPGP spec allows it).

Is there any problem with signing the user ID?  I imagine that the
keyid field of the signature can be set to the same as the
incomparable public key.  Each incomparable public key should be able
to verify signatures made by the single secret key, correct?
