On Aug 1, 2013, at 6:58 PM, Martin T <m4rtn...@gmail.com> wrote:

> Hi,
> 
> The RIPE (RIR in the European region) database allows one to upload ASCII-armored PGP 
> public keys: http://www.ripe.net/data-tools/support/security/pgp
> Server-side software is able to generate some "key-cert" object attributes 
> automatically. For example "method", "owner" and "fingerpr":
> 
> noc@T42 ~ $ whois -h whois.ripe.net -t key-cert | grep gene
> method:         [generated]  [single]     [ ]
> owner:          [generated]  [multiple]   [ ]
> fingerpr:       [generated]  [single]     [inverse key]
> noc@T42 ~ $ 
> 
> 
> Example "key-cert" object provided by RIPE:
> 
> key-cert: PGPKEY-4B8AE00D
> method:   PGP
> owner:    Joe User <j...@example.net>
> fingerpr: 9D 82 4B B8 38 56 AE 12  BD 88 73 F7 EF D3 7A 92
> certif:   ---BEGIN PGP PUBLIC KEY BLOCK---
> certif:   Version: 2.6.3ia
> certif:
> certif:   mQA9AzZizeQAAAEBgJsq2YfoInVOWlLxalmR14GlUzEd0WgrUH9iXjZ
> certif:   a/uqWiLnvN59S4rgDQAFEbQeSm9lIFRoZSBVc2VyIDxqb2VAZXhhbXB
> certif:   iQBFAwUQNmLN5ee83n1LiuANAQFOFQGAmowlUYtF+xnWBdMNDKBiOSy
> certif:   YvpKr05Aycn8Rb55E1onZL5KhNMYU/gd
> certif:   =nfno
> certif:   ---END PGP PUBLIC KEY BLOCK---
> mnt-by:   EXAMPLE-MNT
> changed:  j...@example.net 19981117
> source:   TEST
> 
> 
> How are those fields automatically detected/generated? "Owner" (UID in gpg 
> terminology) is written to the public key; one can verify this by analyzing the 
> public key with a hex editor. However:
> 
> 1) Is "method" also built into the public key? At least "hexdump -C pubring.gpg | 
> grep -i pgp" does not indicate this. Or does "PGP" have some sort of special 
> fingerprint which is understood by server-side software? Last but not least, 
> are there any other types besides "PGP"? I guess it is as pgpdump is even 
> able to dump the timestamp when the key itself was generated.

I think "method" in the example above is just indicating that this is a PGP 
key.  That is, there may be other types than PGP that RIPE supports, but you'd 
have to ask them about that.


> 2) Is the fingerprint automatically hashed based on the UID?

No.  The fingerprint is based on the key material only.  You can add/change 
UIDs without the fingerprint changing.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
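
The point made in the reply above, as an added example that is not part of the original thread: a minimal OpenPGP packet reader (following RFC 4880) that computes the fingerprint from the Public-Key packet alone, so swapping the User ID packet leaves it unchanged. The function names and the sample key numbers are constructed for illustration and are not a real key; the v3 branch yields the 16-byte MD5 form seen in the "fingerpr" line of the key-cert example.

```python
import hashlib
import struct

def packets(data):
    """Yield (tag, body) for each OpenPGP packet (RFC 4880, section 4.2)."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if hdr & 0x40:                      # new-format header
            tag, length, i = hdr & 0x3F, data[i], i + 1
            if 192 <= length < 224:         # two-octet length
                length, i = ((length - 192) << 8) + data[i] + 192, i + 1
            elif length >= 224:
                raise ValueError("4-octet/partial lengths not handled here")
        else:                               # old-format header
            tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if n == 8:
                raise ValueError("indeterminate length not handled here")
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        yield tag, data[i:i + length]
        i += length

def mpi_bodies(buf, count):                 # MPI = 2-byte bit count + magnitude
    out, i = [], 0
    for _ in range(count):
        n = (int.from_bytes(buf[i:i + 2], "big") + 7) // 8
        out.append(buf[i + 2:i + 2 + n])
        i += 2 + n
    return out

def fingerprint(data):
    """Fingerprint of the first Public-Key packet (tag 6); other packets are ignored."""
    for tag, body in packets(data):
        if tag == 6 and body[0] == 4:       # v4: SHA-1 over 0x99, length, packet body
            return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()
        if tag == 6 and body[0] == 3:       # v3 (PGP 2.6.x): MD5 over RSA n and e
            return hashlib.md5(b"".join(mpi_bodies(body[8:], 2))).hexdigest()
    raise ValueError("no v3/v4 public-key packet found")

# --- constructed sample data: numbers chosen for illustration, not a real key ---
def mpi(v):
    return struct.pack(">H", v.bit_length()) + v.to_bytes((v.bit_length() + 7) // 8, "big")
def old_packet(tag, body):                  # old-format header, 2-byte length
    return bytes([0x80 | tag << 2 | 1]) + struct.pack(">H", len(body)) + body
N, E = (1 << 511) + 0x1234567, 65537
KEY_V4 = old_packet(6, b"\x04" + struct.pack(">IB", 1375000000, 1) + mpi(N) + mpi(E))
KEY_V3 = old_packet(6, b"\x03" + struct.pack(">IHB", 911260800, 0, 1) + mpi(N) + mpi(E))
UID_A = old_packet(13, b"Alice Example <alice@example.net>")
UID_B = old_packet(13, b"Alice Renamed <alice@example.org>")
```

Comparing `fingerprint(KEY_V4 + UID_A)` with `fingerprint(KEY_V4 + UID_B)` gives the same value, because the User ID packet (tag 13) never enters the hash.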
