embedded public key in signature as in smime.

Uwe Brauer oub at mat.ucm.es
Wed Jan 9 15:35:54 CET 2013


>> "Daniel" == Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:

   > On 01/08/2013 05:02 PM, Uwe Brauer wrote:
   >> Are there any plans to modify the signature (backward compatible?) such
   >> that it contains the public key embedded as in smime?

   > Not that i know of.  Why do you think this would be useful?


I think it would make it easier to interchange public keys.
I have tried over many years to encourage my friends to use pgp, one of
the obstacles was the extraction and interchange of the public keys.

I started to use smime recently and besides its flaws I have to admit
that the key interchange is easier (most likely be more insecure) 

   > You could do all of this within the existing OpenPGP specification, but
   > to make it actually useful (and not just bloat your signatures in ways
   > that no one else bothers to take advantage of) you might want to modify
   > GnuPG a bit.

   > Here are some thoughts on how you might approach it if you think this is
   > a worthwhile goal.

   > OpenPGP notations: https://tools.ietf.org/html/rfc4880#section-5.2.3.16
thanks



[snip]

   > So to extend gpg, you might add some other --verify-options directive
   > like import-embedded-key-notation.

   > make sense?

I think it does, but it sounds like a project for the (far) future.

regards

Uwe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4474 bytes
Desc: not available
URL: </pipermail/attachments/20130109/f0fa8cb3/attachment.bin>


More information about the Gnupg-users mailing list