
Critical bits and notations

Here's an odd corner case, one that I'd be grateful for some thoughts
on: what does the critical bit mean in the context of a signature
notation?  Does the critical bit refer to support of the notation
subpacket in general, or to the specific notation given in the
critical notation subpacket?

For example, take an implementation that can read notations, and
specifically understands and acts on the "foo" notation.  Given that,
it's very clear that this implementation should accept a critical
notation "foo=1".  Now try a critical notation of "bar=2".  Should the
implementation accept it because it knows what a notation is, and
implements notations, or should it reject it because it doesn't know
what the specific "bar" notation is?

The draft has this to say on the subject of critical bits for
signature subpackets:

   Bit 7 of the subpacket type is the "critical" bit.  If set, it
   denotes that the subpacket is one that is critical for the
   evaluator of the signature to recognize.  If a subpacket is
   encountered that is marked critical but is unknown to the
   evaluating software, the evaluator SHOULD consider the signature to
   be in error.

   An evaluator may "recognize" a subpacket, but not implement it. The
   purpose of the critical bit is to allow the signer to tell an
   evaluator that it would prefer a new, unknown feature to generate
   an error than be ignored.

According to this, it would seem that a critical bit on a notation
would seem to refer to support for the notation subpacket
(i.e. notations in general).  However, this seems a bit less useful
than it could be, since the main idea of notations is to be able to
add interesting things to the standard later.  A critical bit that
applied to the specific notation seems more useful.

How does human-readable fit into this - if a notation is human
readable, is it sufficient to display the notation to a human to say
that it is "recognized"?
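
The two readings asked about above, side by side, as an added example that is not part of the original post: one evaluator walks a signature subpacket area and applies the critical bit either to the notation subpacket type as a whole or to the specific notation name. It assumes the OpenPGP Notation Data layout (subpacket type 20; four flag octets, two-octet name and value lengths, then name and value); `KNOWN_TYPES`, `KNOWN_NOTATIONS`, `per_notation` and `make_notation` are hypothetical names, and the sample subpackets are constructed.

```python
import struct

NOTATION = 20                  # Notation Data subpacket type in OpenPGP
KNOWN_TYPES = {NOTATION}       # hypothetical: subpacket types this evaluator implements
KNOWN_NOTATIONS = {"foo"}      # hypothetical: notation names it understands and acts on

def subpackets(area):
    """Yield (critical, type, body) for each subpacket; malformed input raises."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                                   # one-octet length
            n, i = first, i + 1
        elif first < 255:                                 # two-octet length
            n, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                             # five-octet length
            n, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if n < 1 or i + n > len(area):                    # length counts the type octet
            raise ValueError("truncated subpacket")
        t = area[i]
        yield bool(t & 0x80), t & 0x7F, area[i + 1:i + n]  # bit 7 is the critical bit
        i += n

def parse_notation(body):
    """Return (human_readable, name, value) from a Notation Data body."""
    if len(body) < 8:
        raise ValueError("short notation")
    flags, nlen, vlen = struct.unpack(">IHH", body[:8])
    if len(body) != 8 + nlen + vlen:
        raise ValueError("notation lengths do not match body")
    return bool(flags & 0x80000000), body[8:8 + nlen].decode("utf-8"), body[8 + nlen:]

def evaluate(area, per_notation):
    """True if no critical subpacket is unknown under the chosen reading."""
    for critical, t, body in subpackets(area):
        if not critical:
            continue
        if t not in KNOWN_TYPES:
            return False           # critical and unknown type: signature in error
        if t == NOTATION and per_notation:
            if parse_notation(body)[1] not in KNOWN_NOTATIONS:
                return False       # reading 2: the critical bit covers the name
    return True

def make_notation(name, value, critical=True):
    """Build a constructed, human-readable notation subpacket (short form only)."""
    body = struct.pack(">IHH", 0x80000000, len(name), len(value)) + name + value
    return bytes([len(body) + 1, NOTATION | (0x80 if critical else 0)]) + body
```

With `per_notation=False` a critical "bar=2" passes because the notation subpacket type is implemented; with `per_notation=True` the same signature is rejected, while "foo=1" passes under both.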