On Feb 26, 2015, at 7:23 AM, Petr Spacek <[email protected]> wrote:

> The main problem is that
>
> http://tools.ietf.org/html/draft-ietf-dane-openpgpkey-01#section-2.1
> 2.1. The OPENPGPKEY RDATA component
> The RDATA (or RHS) of an OPENPGPKEY Resource Record contains a single
> value consisting of a [RFC4880] formatted OpenPGP public keyring.
>
> references
>
> http://tools.ietf.org/html/rfc4880#section-3.6
> 3.6. Keyrings
> A keyring is a collection of one or more keys in a file or database.
> Traditionally, a keyring is simply a sequential list of keys, but may
> be any suitable database. It is beyond the scope of this standard to
> discuss the details of keyrings or other databases.
>
> and this definitely is not a definition you could use for implementation.
I fully agree on this. In fact, I think I brought the lack of interop up during the discussion leading up to RFC 2440, and was told that it was too late to change. (To be fair, we used the "too late to change" phrase a lot leading up to the spec for S/MIME v2. Ah, those carefree '90s.)

Proposal: this draft should specify that the contents of the RDATA is a single public key, defined in Section 5.5.1.1 of RFC 4880.

Are there common cases where this is not sufficient?

--Paul Hoffman

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
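The disagreement in the two messages above only bites once something has to parse the RDATA octets, so here is what the three readings look like at the packet level. This is an added example, not code from the draft, from RFC 4880, or from either poster. It implements the RFC 4880 section 4.2 packet-header rules (old-format and new-format headers, all length encodings), walks an OPENPGPKEY RDATA blob, and reports whether it is a bare Public-Key packet (tag 6, the section 5.5.1.1 packet Paul proposes), a Transferable Public Key in the sense of RFC 4880 section 11.1 (primary key followed by User ID, Signature and Public-Subkey packets, which is what an exported key normally looks like), or a keyring holding more than one primary key (the section 3.6 reading the draft's wording currently allows). The packet bodies in the sample data are constructed filler that exercises only the framing; they are not real key material. All function, class and constant names are my own.

```python
from dataclasses import dataclass
from typing import List

# Packet tags from RFC 4880 section 4.3, and the tags that may follow the
# primary key in a Transferable Public Key (section 11.1).
SIGNATURE, PUBLIC_KEY, USER_ID, PUBLIC_SUBKEY, USER_ATTRIBUTE = 2, 6, 13, 14, 17
TPK_FOLLOWERS = {SIGNATURE, USER_ID, PUBLIC_SUBKEY, USER_ATTRIBUTE}

class PacketError(ValueError):
    """Malformed or truncated packet framing."""

@dataclass
class Packet:
    tag: int
    body: bytes

def _take(data: bytes, pos: int, count: int) -> bytes:
    """Slice count octets at pos, refusing to read past the end of the RDATA."""
    if pos + count > len(data):
        raise PacketError(f"need {count} octet(s) at offset {pos}, RDATA ends at {len(data)}")
    return data[pos:pos + count]

def parse_packets(data: bytes) -> List[Packet]:
    """Split an RFC 4880 packet stream into (tag, body) pairs per the section 4.2 header rules."""
    packets: List[Packet] = []
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        pos += 1
        if not ctb & 0x80:
            raise PacketError(f"tag octet at offset {pos - 1} lacks the always-set bit 7")
        if ctb & 0x40:                   # new format: tag in the low six bits
            tag = ctb & 0x3F
            first = _take(data, pos, 1)[0]
            pos += 1
            if first < 192:              # one-octet length
                length = first
            elif first <= 223:           # two-octet length
                length = ((first - 192) << 8) + _take(data, pos, 1)[0] + 192
                pos += 1
            elif first == 255:           # five-octet length
                length = int.from_bytes(_take(data, pos, 4), "big")
                pos += 4
            else:                        # 224..254 is a partial body length: data packets only
                raise PacketError("partial body length has no place in a stored key")
        else:                            # old format: tag in bits 5..2, length type in bits 1..0
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise PacketError("indeterminate-length packet has no place in a stored key")
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(_take(data, pos, size), "big")
            pos += size
        packets.append(Packet(tag, _take(data, pos, length)))
        pos += length
    return packets

def classify_rdata(data: bytes) -> str:
    """Name which reading of the RDATA a blob matches; raises PacketError on broken framing."""
    packets = parse_packets(data)
    primaries = sum(1 for p in packets if p.tag == PUBLIC_KEY)
    if not packets:
        return "empty"
    if primaries == 0:
        return "no-public-key"
    if primaries > 1:
        return "keyring"                 # several primary keys: the section 3.6 reading
    if packets[0].tag != PUBLIC_KEY:
        return "malformed"               # section 11.1 puts the primary key first
    if len(packets) == 1:
        return "bare-public-key"         # exactly one section 5.5.1.1 packet
    if all(p.tag in TPK_FOLLOWERS for p in packets[1:]):
        return "transferable-public-key" # tag-level check only, not full 11.1 ordering
    return "malformed"

# Builders used to construct the sample RDATA below (new-format and old-format headers).
def new_format_packet(tag: int, body: bytes) -> bytes:
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + n.to_bytes(4, "big")
    return bytes([0xC0 | tag]) + length + body

def old_format_packet(tag: int, body: bytes) -> bytes:
    n = len(body)
    ltype, length = (0, bytes([n])) if n < 256 else (1, n.to_bytes(2, "big"))
    return bytes([0x80 | (tag << 2) | ltype]) + length + body

# Constructed filler bodies: they exercise the framing and are not real key material.
KEY_BODY = b"\x04" + b"\x00" * 4 + b"\x01" + b"\xaa" * 40
SIG_BODY = b"\x04\x13\x01\x08" + b"\xbb" * 20
BARE_KEY = new_format_packet(PUBLIC_KEY, KEY_BODY)
TRANSFERABLE_KEY = (BARE_KEY + new_format_packet(USER_ID, b"Example User <user@example.invalid>")
                    + new_format_packet(SIGNATURE, SIG_BODY)
                    + old_format_packet(PUBLIC_SUBKEY, KEY_BODY) + new_format_packet(SIGNATURE, SIG_BODY))
KEYRING = TRANSFERABLE_KEY + TRANSFERABLE_KEY

if __name__ == "__main__":
    print({n: classify_rdata(b) for n, b in [("bare", BARE_KEY), ("tpk", TRANSFERABLE_KEY), ("ring", KEYRING)]})
```

Two design points. First, a validator on the resolver side has to decide which of "bare-public-key", "transferable-public-key" and "keyring" it accepts; a literal reading of Paul's proposal admits only the first, while a key that carries User IDs and subkeys (the second) is what a key export produces, and the third is what the draft's "keyring" wording leaves open. Second, the parser refuses partial body lengths, indeterminate lengths and anything that runs past the end of the RDATA rather than silently accepting a truncated record, since a key stored in DNS has no reason to use either length form and a truncated blob should fail loudly. Note that an old-format Public-Key packet with a two-octet length has the header octet 0x99, which is the familiar leading byte of exported public keys.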
