[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] dealing with misplaced signatures
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] dealing with misplaced signatures |
|
Date: |
Wed, 01 Aug 2012 01:16:18 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0 |
On 2012-08-01 00:53, Daniel Kahn Gillmor wrote:
> On 07/31/2012 06:04 PM, Kristian Fiskerstrand wrote:
...
>
> If anything, the current sks implementation is violating RFC 4880, which
> clearly states that transferable public key certificates contain:
>
> - After each Subkey packet, one Signature packet, plus optionally a
> revocation
>
Hi Daniel,
What complicate it a bit is that an argument can be made that this, from
11.1 [0], "The essential elements of a transferable public key are as
follows:" is a non-exhaustive list, i.e. it is more of a minimum
requirement than a full spec (by the use of the word "essential").
[0] http://www.ietf.org/rfc/rfc4880.txt
--
----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
signature.asc
Description: OpenPGP digital signature