On 01/30/2009 01:15 PM, Peter Thomas wrote: > But by the way: This would be another thing that one could think of in > future revisions of the RFC. > Policy-URI on self-signatures: > 0x10-0x13: The policy that is used for signing, with the corresponding UserID. > 0x1F: The global policy for the whole key, when signing anything > (especially other keys/UIDs) with that key > 0x18: The policy used when making signatures with this key > > Policy-URI on other signatures: > The policy under which this signature was issued. (Just like it is > interpreted now) I'd disagree with such a change, if only because it seems to force a semantic change on signatures that may already be in existence. It'd be weird if i made a signature that i knew meant "foo", and then came back later to find that according to the new RFC, i'd actually stated "bar". If you want to propose a new subpacket with the above semantics (perhaps one that would be invalid on anything but a self-sig), i wouldn't be opposed, though i'm not sure how useful it would be. And how would you interpret the following situation: Key A has a self-sig with policy X Key A signs B's key,uid pair and includes a with policy-URI Y. which policy governs the A's signature on B? why? --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature