per-user data signatures [was: Re: multiple keys vs multiple identities]
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Sep 24 18:47:32 CEST 2010
On 09/24/2010 11:53 AM, David Shaw wrote:
> There is actually a defined field for this in OpenPGP (see section 5.2.3.22, Signer's User ID). I don't think anyone implements it though.
Ah, so there is! Thanks, David.
>> However, testing right now, it doesn't seem to work with gpg for regular
>> data signatures:
>>
>> echo test | gpg --sign --set-notation 'test at example.org=test' | \
>> gpg --list-packets
>>
>> does not show the notation :(
>
> It works for me. I even cut and paste your exact command line.
>
> hashed subpkt 20 len 28 (notation: test at example.org=test)
Weird. What am i doing wrong? what version of gpg are you using?
Here's my full transcript:
>> 0 dkg at pip:~$ echo test | gpg --sign --set-notation 'test at example.org=test' | gpg --list-packets
>>
>> You need a passphrase to unlock the secret key for
>> user: "Daniel Kahn Gillmor <dkg at fifthhorseman.net>"
>> 4096-bit RSA key, ID D21739E9, created 2007-06-02
>>
>> :compressed packet: algo=1
>> :onepass_sig packet: keyid CCD2ED94D21739E9
>> version 3, sigclass 0x00, digest 10, pubkey 1, last=1
>> :literal data packet:
>> mode b (62), created 1285346618, name="",
>> raw data: 5 bytes
>> :signature packet: algo 1, keyid CCD2ED94D21739E9
>> version 3, created 1285346618, md5len 5, sigclass 0x00
>> digest algo 10, begin of digest d5 88
>> data: [4096 bits]
>> 0 dkg at pip:~$ gpg --version
>> gpg (GnuPG) 1.4.10
>> Copyright (C) 2008 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.
>>
>> Home: ~/.gnupg
>> Supported algorithms:
>> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
>> Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
>> CAMELLIA192, CAMELLIA256
>> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
>> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>> 0 dkg at pip:~$
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100924/aef3030f/attachment.pgp>
More information about the Gnupg-users
mailing list