gpg: can't put a policy URL into v3 (PGP 2.x style) signature

David Champion dgc at uchicago.edu
Fri Apr 9 20:50:41 CEST 2004


* On 2004.04.09, in <Pine.BSD.4.58L0.0404091434210.40033 at erfrnepu.fhfcvpvbhf.bet>,
*	"Atom 'Smasher'" <atom-gpg at suspicious.org> wrote:
> > > i guess i never realized that clearsigning was a v3-only animal. is that
> > > something that might warrant an update in a pending draft rfc?
> >
> > Huh?  Clearsigning is not a v3 only thing.
> 
> is there a v4 definition of clearsigning that allows subpackets?

I'm not a good one to talk about such things, but to throw in a little
support here: v4 and v3 only refer to the structure of the key data. You
can clearsign with any type of key, because "clearsign" only describes
the datastream of the signed material. GnuPG will clearsign with v3 or
v4 keys.

Only v4 keys allow subpackets; v3 as a key format predates subpacket
support in PGP. Allowing them in v3 keys would make the keys
incompatible across different v3-supporting applications, which would
pretty much negate the purpose of naming one key version "v3" and
another "v4".

You're presumably getting this error not because you can't clearsign,
but because you can't have a policy URL or notation in a v3 key.

-- 
 -D.    dgc at uchicago.edu        NSIT    University of Chicago



More information about the Gnupg-users mailing list