On 01/29/2009 01:23 PM, Peter Thomas wrote: > 1) PNG (ISO 15948, RFC 2083) I fully agree that we should be supporting PNG here. That's long overdue, and you don't have to do lossless compression in png, iiuc. > 2) JPEG 2000 (ISO/IEC 15444) Given how ill-specified and implemented this is, i suggest waiting on this until it is more mature. > 3) SVG SVG can potentially contain way more than images; it can contain javascript, for example, and other semi-executable nastiness. As much as i love svg, I think it might be a can of worms best left unopened until we're prepared to seriously think through the potential security consequences. > Second, ideas for user attributes: > This is more a: "Has anybody ideas how usage of user attributes could > be extended?" than a "I have this and that proposal.", so I'd really > love to see your ideas. Duane Groth has proposed making a new User Attribute type that just maps to the possible values of the X.509 subjectAltName specification: http://open-pgp.info/wiki/index.php?title=Standardisation_of_OpenPGP_Keys_for_Server_Purposes#New_User_Attribute_Type_--_subjectAltNames What's nice about this proposal is that it doesn't require the creation of a new registry, implementors can potentially piggyback on existing ASN.1 parsers (they wouldn't need to write their own), and the specification can cover a range of ideas automatically. --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature