OPENPGP URI PROPOSAL

mofo syne mofosyne at gmail.com
Thu May 21 17:59:07 CEST 2015


You might see a few copies around. This one is edited and streamlined with
some advice from Hasimir to help keep this proposal focused. This is
mirrored in here
<http://www.reddit.com/r/GnuPG/comments/36lmih/i_wonder_if_there_is_a_gpg_uri/>


Last updated: 2015-05-22





*=============================OPENPGP URI
PROPOSAL=============================## Brief/Objective
####################*

This proposal is to provide an alternative to the openpgp block messages,
in the form of a uri ( e.g. `http://` ). This would make such messages more
web friendly, as well as taking advantage of autolaunching apps to handle
such messages. Such links may be embedded within email messages or
webclients, or as a 2d barcode on a physical poster.

This aims to be flexible and futureproof, by supporting any mix of
variables or payload that may be thrown in it's way (e.g. percent encoding,
base64, etc... )

*## Schema Description ##*

    openpgp:// [<mode>] [;key:value] [;key<?length><!encoding>::value]
<;<?length><!encoding>::payload_data>

* `openpgp://`       - is the start of the openpgp uri
* `;`                - is used as a delimiter.
* `[;key:value]`     -  for simple keyvalues: `;name:clark`
* `[;key<?length><!encoding>:value]`
 - `::`                      - is used to aid visual inspection, since the
content would be more of a long complex string, rather than a simple
key:value pair
 - `[;key?length:value]`     - safely read in string: `;name?10::clark;kent`
 - `[;key?encoding:value]`   - `;sig!base64::f4h5k34589ht...`
* `<;<?length><!encoding>::payload_data>`
 - payload do not require key value. But it has optional encoding and
length (Which may have a default setting based on mode. E.g. public keys
are often always encoded in base64 )
 - `;::f4h5k34589ht...`
 - `;!base64::f4h5k34589ht...`
 - `;!octet?100::8BinaryStream`
 - `;!json?17::{"key":[1,2,3,4]}`
* `$encoding`   - is used to define how the string is encoded, e.g.
base64,json,1010101
* `?length`     - is used to define how many characters to read ahead as a
string. Afterwards, it will just keep scanning for the next `;` or end of
string.

* `#type` this might be needed if we need to declare the type of a variable
(undecided if it is needed in this standard proposal)

*### Mode keywords ###*

So far this is what I thought for gpg keywords for the `<mode>`

* `pubkey` = public key
* `prvkey` = private key
* `encmsg` = encrypted message
* `sigmsg` = signed message
* `fprint` = key fingerprint

*### extra thoughts ###*

* http://tools.ietf.org/html/rfc1738 - Uniform Resource Locators (URL)
* http://tools.ietf.org/html/rfc3986 - Uniform Resource Identifier (URI):
Generic Syntax
* http://tools.ietf.org/html/rfc3987 - Internationalized Resource
Identifiers (IRIs)


*# Structure Examples #############*

e.g.

For pubkey:

    openpgp://pubkey;version:GnuPG+v2;!base64::<base64 data>

For pubkey (with implied encoding. Default for pubkey mode payload is
base64):

    openpgp://pubkey;version:GnuPG+v2;::<base64 data>

For encrypted msg:

    openpgp://msg;version:GnuPG+v2;!base64::<base64 data>

or a signed message

    openpgp://sigmsg;hash:SHA1;sig:<base64>;!::<percent encoded message>


*# Potential Usage ###############*

* Embedded in NFC or 2D barcode for physical messages in posters that is
able store encrypted messages, public keys, or signed messages. Other than
posters, it also allows for easier transferring of openpgp messages via NFC
or 2D barcodes between a webbrowser in a cybercafe to a smartphone.

* Easier handling of messages in webrowsers via webrowsers plugins that can
recognise the uri handler calls. E.g. Clicking on a url will automatically
open up a openpgp program that automatically processes the message.

*# Uri Mockups ################*

Pubkey:


openpgp://pubkey;version:GnuPG+v2;!base64::mQENBFVS5CYBCACmDH67cDfC+0ow2FVX4uzsiOfA1OA4ZSJVwVjBQeotgr3a5CWCWSbW+kw3CjlRQXcL4bxTNisGAfrtn78+GkEmS48mb9kAPi084flEBHmgHbzo0TI3az74S3UI3ZkLxuAdfD4G7BuVn7YPzOa3OgD3FW1zZ3EGsHSl3+i0QZZ0fPvi4OkC+w4vDjrkUGR/afy7AzQhYzMA22kf3PTvZMxS0RLJvoRbnyoGjd1aQZPJD4mMziBaySRKEdhAbIrogu2nW0M2aJmwiW1Sgp8PP8bH2PJPgXFKaRTucm3k2IdsxVx0u29VJiSq4ktrYm8cJ3ABfUWbd/4adUFMbqwY2UhBABEBAAG0M0p1c3R3YW50dG9oYXZlZnVuNTYgPGp1c3R3YW50dG9oYXZlZnVuNTZAd2FzdGUuY29tPokBOQQTAQgAIwUCVVLkJgIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEGNU/RWXfXCybfQH/jZLLuWdeqOj/bNFx6OHxNLc8hYKbuje+xtZNP4gagCJboiAxPoWDfrhVQLKfKwR2mslAqQWdLSL1w93C/L1ByzXUz5sXA2YOTGVLXMU0aKQxYg3hBPqyc66F26Rz8mVLnOHGQoGvlVA4CMFNwEpS3lMkxbNyoQLeS1wXJsZN8VmDa5vqzQySCmOuBJ0rDqbwLrYNshPVqdo1G7U0uoTjPTI65+GlKvtXLxqn/R7c/aywqE9qinK/L0uyiQ4itA0er6TwI8d8B1Fw8JvbDmJNx24zHqOjZWL1Osn5o7ZH31AmFH7VFFJWtcYkpgTf2KETZ/PvkPPV/RL0q9FiKcB7725AQ0EVVLkJgEIAMl4rKSFfLXrB3MlwmNZqp66/5ixBm8FN1o3Hj9/xhiHWWZWwmkL3pfWVGI4GvFpOyh26VTv6Hvt54rvaqGYPZsz2jRO8PmVQs8g3CmC21F20jqi1fNu8m50ntrvK6qOK0pC7l7XXXkLwF9ChwxE8ott3WKALMS6+Z8RD0h/2SoNfW80dMLyDr2MzZdEB+dX6FM3YajkVaaIrhesedOsPoJOpPJc/K0BF71YjecesUUJZFdGm5v5UkgPbptuXgRFQWbQcj0kpQT4oxjwUImLYWb86cSJn6Bw7aHD9h/7ZHF5Q/N8s5fsl6lAEPEI2hTTh0SJE5g8qqL5YRfX7QBy1d0AEQEAAYkBHwQYAQgACQUCVVLkJgIbDAAKCRBjVP0Vl31wsnapB/9D0IBTxRNfWz3jsUbcfnI5Vu4V7mBu9B6rO6NfgpMirf2XaPmC13nQjR3WFZqd6JeJ1GPupkhleau1oViVHvKB7rfKOUqt0MNecWuHNu7tGp2q+k0NTEnA8/F5BGj3yxKdWNZ1farQDVnz39Pcj17XZK7R6FXLcQRf/yMjkipp6AAzADMTulsu86JAo4TLix83SsSXEzdID8p0REVRZZCTI8VHxlGjKOJBUu2K6IL5P80NMbEfHqXpxroftQhsuMQPGhlMgzDlWe7Mt+H5i/v3Sa4dKEQ0fW3kX/abF0xo4zDvbsRgoMgC8Z4QBfW29SAWMlSEqgl+yP6S59CPWwJ1=VzYv

encmsg:


openpgp://encmsg;!base64::hQIMA2gg7mYL/9/3ARAAnICjOZZ2BPY/ly2y8kMN7wvnKKrWiIF8y4is5Az6+irsFc4XlAJ8ieKAQsxE9E8nopRoZySe9L6bPDQPr8dq1kYPN9eFaNkW+E1z0B1iV4c3LrT1iGLsDrNJEODB8zytkYayc75RkuuA3iRkZj5Qco1fiv3DVNlnYRyPkXVQBwVVUPXaSowWHCMCPMS+ZmiNiqNd4ZiN3Dah7mB87mK5ed8rZM03RBtS4QPpR9t3Ku4y1W58FuAeFqf3CrLpDrf/4U3+98RiI1Z3/zsqjblXZ0/uuNDQnFZvgpOZ1q6Ry1Z3N03U94vgvs3XjrIm6raQajBXrvGsQIbgbSEkBldzNA0r0afcTPeaHTaOMcHqGA68b7Ju9yvYVk0BSyVbrW/oK93wT4SAxgq8wCPKlocp+KZx6qofSf7v/SdIKwMRgm2r2X0lTQTggElVG3sc00YcqS2a1kizmLPeyTOjai1Nt3vhySGFO48+SGUXbeMdtMtJEmjk9SFquVHEUkcd1/0X89OWnVn+vDuhtKMvAWhLFGC+m9pXCA6YJxWZwPTtTmFSOdsnYFEEU5J/jpl7Rmtev3AaBsZKRwgQlP24vz4zBzfMatTxLu7KBLeneyRPvzMe16dolYJtBSSFj7R0iXEy5GhKGLuckGWPL9mCzgGT8NSJZVPsrCoAYCo75hEnSEzSTQGJlgriakR505zTMr4YtSDZnNZh9XFwZ2Wy64PwO5DexBgytHIEFQrqULfGoWUMYlIJAzDmkDx7eWcDwyWo5tZ8Uiv0pGJC6iM6krgs=/Kcn

fingerprint:


openpgp://fprint;name:clark+kent;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8

    openpgp://fprint;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8


Some pontental future json (Not easy to transmit however, due to non uri
standard charcters in json ):

    openpgp:testmode;key!json?17::{"key":[1,2,3,4]}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150522/b88e308c/attachment.html>


More information about the Gnupg-users mailing list