Reading new key packages (Re: Coexistence with OpenPGP/IETF)
Werner Koch
wk at gnupg.org
Sun Jan 7 15:59:10 CET 2024
On Sun, 7 Jan 2024 02:52, Heiko Schäfer said:
> As you pointed out, the crypto-refresh draft doesn't currently define
> a mechanism for securing literal metadata (presumably because this was
To get the record straight: It was willfully removed after the
implementers had implemented v5 signatures more than 2 years ago. There
is a reason that we listed this as one of the critique points on the
crypto-refresh draft updates and the forthcoming RFC.
FWIW, the V5 signature format was first specified in
draft-ietf-openpgp-rfc4880bis-06.txt (November 2018). A sample
signature was then posted the next March. This was at a time the WG was
bike-shedding over chunk sizes and discussing a proposal to remove
compression support.
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://librepgp.org/pipermail/librepgp-discuss/attachments/20240107/43a2cb3f/attachment.sig>
More information about the LibrePGP-discuss
mailing list