GNU extensions to read_s2k for 2.5.x

Daniel Kahn Gillmor dkg-debian.org at fifthhorseman.net
Fri Aug 22 19:19:04 CEST 2008


Hi Werner--

On Fri 2008-08-22 10:59:22 -0400, Werner Koch wrote:

> On Fri, 22 Aug 2008 07:14, dkg-debian.org at fifthhorseman.net said:
>
>> I'm not proposing that we handle mode 1002 yet (i haven't
>> encountered it and don't know how we'd talk to the smartcard
>> anyway), but
>
> It encodes the smartcard's serial number so the user can be asked
> to put in the right card and gpg diverts the operations to the
> smartcard code.

If you could include the concrete details of how the serial number is
represented in doc/DETAILS, that would be great!

>> semantically, the code i asked you to commit now seems slightly
>> wrong.  In particular, it treats S2K mode 101 as GNU-Dummy, when in
>> fact it should be "GNU Extensions", and it should just test the
>> data after the hash to find out whether it's the gnu-dummy
>> extension or not.
>
> Background: The reason for this is that 101 is an OpenPGP identifier
> to be used for experimental/testing algorithms and thus we need to
> make sure that there is no ID clash.  Adding the string "GNU" should
> be sufficient and the extra ID after the GNU allows us to even add
> more algorithms.

This is a very forward-thinking approach.  I hope my revised patch
honors your original intentions.  Thanks for setting it up this way,
Werner.

I personally think that GNU-dummy is useful enough (and simple enough)
that something like it should be submitted to the S2K extension
registry, as described in RFC 4880 section 10.1 [0] to encourage the
ability to store partial keyrings.

Regards,

        --dkg

[0] http://tools.ietf.org/html/rfc4880#section-10.1
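
The check discussed in this message (treat S2K mode 101 as "GNU Extensions" only when the "GNU" tag follows the hash octet, then look at the extension id), as an added example that is not part of the original mail and not GnuTLS or GnuPG code. The names `classify_s2k`, `s2k_info` and the `S2K_*` values are hypothetical, and the one-octet extension id (mode minus 1000) is an assumption based on GnuPG's doc/DETAILS; mode 1002 is only recognised, since the thread does not give the serial-number layout.

```c
/* Added example; all names are hypothetical, sample bytes are constructed. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum s2k_kind { S2K_INVALID, S2K_STANDARD, S2K_GNU_DUMMY, S2K_GNU_CARD,
                S2K_GNU_UNKNOWN, S2K_FOREIGN_EXPERIMENTAL };

struct s2k_info { enum s2k_kind kind; int mode; int hash_algo; };

/* Classify the S2K specifier stored in buf[0..len). */
struct s2k_info classify_s2k(const unsigned char *buf, size_t len)
{
    struct s2k_info r = { S2K_INVALID, -1, -1 };
    size_t need;

    if (len < 2)
        return r;
    r.mode = buf[0];
    r.hash_algo = buf[1];
    switch (buf[0]) {
    case 0: need = 2; break;          /* simple */
    case 1: need = 2 + 8; break;      /* salted: 8-octet salt */
    case 3: need = 2 + 8 + 1; break;  /* iterated+salted: salt, count */
    case 101:
        /* 101 is a shared experimental id: it is ours only with the tag. */
        if (len < 5 || memcmp(buf + 2, "GNU", 3) != 0) {
            r.kind = S2K_FOREIGN_EXPERIMENTAL;
            return r;
        }
        if (len < 6)
            return r;                 /* tag present, extension id cut off */
        r.mode = 1000 + buf[5];       /* assumed: one octet, mode - 1000 */
        r.kind = buf[5] == 1 ? S2K_GNU_DUMMY
               : buf[5] == 2 ? S2K_GNU_CARD : S2K_GNU_UNKNOWN;
        return r;
    default:
        return r;                     /* reserved or unknown mode */
    }
    if (len >= need)
        r.kind = S2K_STANDARD;
    return r;
}

int main(void)
{
    /* Constructed sample: mode 101, hash 2 (SHA-1), "GNU", extension 1. */
    static const unsigned char dummy[] = { 101, 2, 'G', 'N', 'U', 1 };
    struct s2k_info r = classify_s2k(dummy, sizeof dummy);
    printf("kind=%d mode=%d hash=%d\n", r.kind, r.mode, r.hash_algo);
    return 0;
}
```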