Keyrings for websites

Alex Mauer hawke at hawkesnest.net
Thu Feb 8 20:10:00 CET 2007


Peter Pentchev wrote:
> using PGP keys (or rather, uid's) with only names, no e-mail addresses.
> You could either use such keys with the hostname (or the full path to
> the web application) placed directly in the "name" part of the user ID,
> or develop some kind of machine-readable encoding to represent a host
> name, application path, application name, or any level of detail you
> feel comfortable with, and then place those in the "name" or the
> "comment" part of the key's user ID.  After that, proceed as usual -

This sort of overloading of the name/comment/email fields bothers me.  I
wish that UIDs were more of a key/value system (one key/value pair per
UID), e.g. name=William Surrey, email=bill at home.example.org,
email=william.surrey at business.example.com, comment=Billy's key,
alias=Bill; or name=Example's awesome wiki!, hostname=www.example.org,
application=mediawiki (for the purpose given above).  I'm thinking
something equivalent to what vorbis comments are for ogg vorbis audio
files. See http://xiph.org/vorbis/doc/v-comment.html

Of course, I doubt that the OpenPGP spec allows for this sort of
extensibility in the comments, or if it does that anyone's willing to
implement it (or it would have been done by now).  But it sure would be
great if it were to happen.
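
The following is an added example, not part of the original message and not something OpenPGP or GnuPG defines. It sketches how the one-pair-per-UID scheme wished for above could be read, and how a client could check that a key names the website it is talking to. The function names `parse_kv_uids` and `key_names_host` are hypothetical, the field-name rule is borrowed from the Vorbis comment specification, and the sample UIDs are constructed from the values in the message.

```python
import re

# Vorbis-comment rule for field names: ASCII 0x20-0x7D with '=' excluded,
# compared case-insensitively. Everything after the first '=' is the value.
_FIELD = re.compile(r"([\x20-\x3c\x3e-\x7d]+)=(.*)", re.S)

# Constructed sample user IDs, one key/value pair per UID.
PERSON = ["name=William Surrey", "email=bill@home.example.org",
          "email=william.surrey@business.example.com",
          "comment=Billy's key", "alias=Bill"]
SITE = ["name=Example's awesome wiki!", "hostname=www.example.org",
        "application=mediawiki"]

def parse_kv_uids(uids):
    """Collect 'key=value' user IDs into a dict of lists (keys may repeat)."""
    fields = {}
    for uid in uids:
        m = _FIELD.fullmatch(uid)
        if not m:
            raise ValueError(f"not a key=value user ID: {uid!r}")
        fields.setdefault(m.group(1).lower(), []).append(m.group(2))
    return fields

def key_names_host(uids, host):
    """True only if a typed hostname= UID equals host (case-insensitive).

    A free-form UID that merely mentions the host in its name or comment
    is rejected, which is the ambiguity the typed fields are meant to remove.
    """
    try:
        fields = parse_kv_uids(uids)
    except ValueError:
        return False
    wanted = host.rstrip(".").lower()
    return any(v.rstrip(".").lower() == wanted
               for v in fields.get("hostname", []))

if __name__ == "__main__":
    print(parse_kv_uids(PERSON)["email"])
    print(key_names_host(SITE, "www.example.org"))
```

The check only says what the UID claims; whether to believe it still depends on who has certified that UID.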




More information about the Gnupg-users mailing list