[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: subkey binding sigs q


At 01:00 AM 25/08/2000 -0700, hal@finney.org wrote:
>Erron writes:
> > Does a subkey binding sig only perform the hash on the subkey (incl. 0x99,
> > packet body and keys), as stated in 5.2.1 for a 0x18 signature type or:
> >
> > does the hashable data for a subkey binding sig mirror that as stated 
> in 5.2.4:
> >
> > "A subkey signature (0x18) THEN hashes the subkey..."
> >
> > I'm assuming the THEN means that you hash the main key before the subkey,
> > subsequently contradicting 5.2.1.
>The description in 5.2.1 is really very general:
>    0x18: Subkey Binding Signature
>          This signature is a statement by the top-level signing key
>          indicates that it owns the subkey. This signature is calculated
>          directly on the subkey itself, not on any User ID or other
>          packets.
>This is meant to convey that the signature does not cover "siblings"
>of the subkey, like other subkeys or userid packets.  The description
>in 5.2.4 is correct; the hash is over the top-level key plus the subkey.
> > PS: Where's the best place to insert a type 0x30 as it's not defined in
> > 11.1...before the certification sig or after...or doesn't it matter?
>A type 0x30 is a subkey revocation signature.  I don't think it matters
>whether it goes before or after the subkey certification sig.  I think
>we put it before.
> > PSS: Are public and secret keyrings supposed to interoperate with other
> > versions of OpenPGP?
>No, OpenPGP does not specify keyring formats.

If OpenPGP does not specify keyring formats, then what is:

a) 11.2 related to?

b) A tag 12 Trust packet packet related to (mentions keyrings)?



Erron Criddle
Comasp Ltd.
Level 2, 45 Stirling Hwy

Fax: 08 9386 9473
Tel: 08 9386 9534