Extra information in public key

David Srbecky dsrbecky at gmail.com
Tue Aug 9 00:51:02 CEST 2005


I just found up-to-date RFC 2440:

Here is 5.12:

> 5.12. User Attribute Packet (Tag 17)
>     The User Attribute packet is a variation of the User ID packet.  It
>     is capable of storing more types of data than the User ID packet
>     which is limited to text.  Like the User ID packet, a User Attribute
>     packet may be certified by the key owner ("self-signed") or any
>     other key owner who cares to certify it.  Except as noted, a User
>     Attribute packet may be used anywhere that a User ID packet may be
>     used.
>     While User Attribute packets are not a required part of the OpenPGP
>     standard, implementations SHOULD provide at least enough
>     compatibility to properly handle a certification signature on the
>     User Attribute packet.  A simple way to do this is by treating the
>     User Attribute packet as a User ID packet with opaque contents, but
>     an implementation may use any method desired.
>     The User Attribute packet is made up of one or more attribute
>     subpackets.  Each subpacket consists of a subpacket header and a
>     body. The header consists of:
>       - the subpacket length (1, 2, or 5 octets)
>       - the subpacket type (1 octet)
>     and is followed by the subpacket specific data.
>     The only currently defined subpacket type is 1, signifying an image.
>     An implementation SHOULD ignore any subpacket of a type that it does
>     not recognize.  Subpacket types 100 through 110 are reserved for
>     private or experimental use.

The important sentence is the last one: there are 11 types to play with.

I suggest to take pick one type between 100 and 110 and use it to store 
extra information. Since we may want to add various data, I suggest to 
store them as a series of named proprieties.

The attribute format could look like this:

  - Magic number identifying this experimental attribute
  - UTF-8 Name of property 1
  - Data length for property 1
  - Data of property 1
  - UTF-8 Name of property 2
  - Data length for property 2
  - Data of property 2
  - etc...

And the content might look like this:

First name=David
Last name=Srbecky
Country=Czech Republic
City=Usti nad Labem
Telephone=+65 536 1024
Homepage url=http://www.gnupg.org/
Prefers encrypted mail=true
Prefers signed mail=true
Preferred encapsulation=MIME
PGP key url=http://www.gnupg.org/dsrbecky/pgp.key

As this attribute will contain a lot of text, it should be encapsulated 
in Compressed Data Packet (Tag 8).

So, what do you think?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20050809/3ba20328/signature.pgp

More information about the Gnupg-users mailing list