notation data & policy URL

David Shaw dshaw at
Sat Apr 10 13:13:00 CEST 2004

On Sat, Apr 10, 2004 at 03:39:37AM -0400, Atom 'Smasher' wrote:

> > Because you want to say "this is how I verified the key".  Someone
> > else wants to say "this key belongs to me".  Someone else wants to
> > embed unprintable binary data.  Someone else wants to give his phone
> > number.
> >
> > Thus, a key=value pair.  Notations are a general purpose extension
> > mechanism.  They are not a policy URL alternative.
> ===========================================
> i still don't get it...
> is there a formal way that things are supposed to be done within notation
> data? what are some examples of proper uses (and improper abuses) of
> notation data? is it meant to someday replace other packets?

The draft defines it thus:

    Notation names are arbitrary strings encoded in UTF-8. They reside
    two name spaces: The IETF name space and the user name space.

    The IETF name space is registered with IANA. These names MUST NOT
    contain the "@" character (0x40) is this is a tag for the user
    name space.

    Names in the user name space consist of a UTF-8 string tag
    followed by "@" followed by a DNS domain name. Note that the tag
    MUST NOT contain an "@" character. For example, the "sample" tag
    used by Example Corporation could be "sample at".

    Names in a user space are owned and controlled by the owners of
    that domain. Obviously, it's of bad form to create a new name in a
    DNS space that you don't own.

    Since the user name space is in the form of an email address,
    implementers MAY wish to arrange for that address to reach a
    person who can be consulted about the use of the named tag.  Note
    that due to UTF-8 encoding, not all valid user space name tags are
    valid email addresses.

Once you have a @ character in the key, you are explicitly saying that
the format of the value is defined by you.  You can thus put anything
you like in there.  Since the IETF has not defined any "official"
keys, GnuPG requires you to have that @ character.


More information about the Gnupg-users mailing list