Reading new key packages (Re: Coexistence with OpenPGP/IETF)
Nickolay Olshevsky
o.nickolay at gmail.com
Mon Jan 8 12:20:57 CET 2024
Hi Andrew,
1. Yes.
2. Yes.
3. I cannot speak for GnuPG, but Werner already answered this.
4. Yes.
5. Yes, however this brought the following discussion, which, as for me,
dramatically overcomplicate things:
https://mailarchive.ietf.org/arch/msg/openpgp/lqvsd0aw-OiMnpyZSqU_fIqWSCE/
On 07.01.2024 20:28, Andrew Gallagher wrote:
> So at this point my understanding is:
>
> 1. It is desirable to protect the literal metadata
> 2. v5 sigs differ from other versions because they include the metadata (for 0x0 and 0x1 sig types only)
> 3. Gnupg/librepgp would like to implement v6 sigs but will not do so without metadata protection
> 4. A method exists (subpacket 40) to add metadata protection to v4 sigs
> 5. A similar method could be used to add metadata protection to v6 sigs
>
> Please correct me if any of the above are inaccurate?
>
> A
--
Best regards,
Nickolay Olshevsky
o.nickolay at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://librepgp.org/pipermail/librepgp-discuss/attachments/20240108/e7437fd4/attachment.html>
More information about the LibrePGP-discuss
mailing list