notation data & policy URL

David Shaw dshaw at
Sat Apr 10 01:48:26 CEST 2004

On Fri, Apr 09, 2004 at 07:38:37PM -0400, Atom 'Smasher' wrote:

> > > i still don't 'get' why the notation data is in the form: foo=bar
> > > why not have just 'foo', or 'bar'?
> >
> > Because the standard says so :)
> =======================
> ok... next question: why does the standard say so?
> it seems odd that instead of being able to specify:
> 	this is how i verified the key
> one has to, instead, specify:
> 	X at Y=this is how i verified the key

Because you want to say "this is how I verified the key".  Someone
else wants to say "this key belongs to me".  Someone else wants to
embed unprintable binary data.  Someone else wants to give his phone

Thus, a key=value pair.  Notations are a general purpose extension
mechanism.  They are not a policy URL alternative.

> > > also, can a policy url and/or notation data be included in a self
> > > signature?
> >
> > Sure, why not?  Self-signatures are signatures too.
> =======================
> how would one do that?

Same way one would do it for a non self-signature.  cert-policy-url or


More information about the Gnupg-users mailing list