[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft Update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jul 26, 2008, at 5:13 PM, Duane wrote:

>
>
> Ok, I've made some updates, firstly removing specific references to  
> DNS
> since this is no longer specifically mean to be for DNS and I've other
> changes to remove references to using the user id field, and instead
> using user attributes to have the information in a format much more
> suitable for computers, this makes more sense to me than a blob of
> string doesn't need to be split up and parsed to extract the  
> information.
>
> http://open-pgp.info/wiki/index.php?title=Standardisation_of_OpenPGP_Keys_for_Server_Purposes
>
> Is there anything I've missed or overlooked at all?

I don't think it was necessary to get rid of all of the user id uses.  
RFC 4880 and 2440 were carefully explicit. Here's the 4880 language:

5.11.  User ID Packet (Tag 13)

    A User ID packet consists of UTF-8 text that is intended to  
represent
    the name and email address of the key holder.  By convention, it
    includes an RFC 2822 [RFC2822] mail name-addr, but there are no
    restrictions on its content.  The packet length in the header
    specifies the length of the User ID.

Note the words "intended" and "by convention." Also, "... but there  
are no restrictions on its content."

The discussion on this is similar to a discussion as to whether  
someone should put DNS information in a new RR or in a TXT record.  
Yes, it's probably better in some respect to expand the user  
attributes, but there's nothing wrong with just putting the text in  
there, especially since there's all this existing code that can  
display it correctly.

There are plenty of cases where a User ID contains nothing but  
descriptive text ("XYZ Corp Security Alert Signing Key") or non-email  
names like an X.509 Distinguished Name.

I agree with people who say that a User Attribute packet is better in  
a pure sense. However, the downside of that is that new UAs need  
setting/getting/display code. Just dropping the text in a UID packet  
is clunkier, but works everywhere.

Knowing when to use which is merely wisdom.

	Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII

wj8DBQFIjforsTedWZOD3gYRAnbEAJsH5XH8aSKWYhaItUNtrkqdSKjRuQCg6oSE
2AVFXqFIqxmDetuw11aSfEQ=
=0rGp
-----END PGP SIGNATURE-----