On Thu, 28 Aug 2014, Simon Josefsson wrote:
I have updated a six (!) year old document describing the OpenPGP
mail/news header field. As it encourages and promotes use of
encrypted/signed email, I thought it would be relevant to this list.
All feedback is appreciated, either directly to me or here.
http://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07
I think it would be better to announce both keyid and fingerprint.
Would it be better to use the longer keyid version?
Should a warning be added to the Security Considerations about v3 keys
being vulnerable to forging of fingerprints?
See: https://github.com/coruus/cooperpair/tree/master/keysteak
It would be nice to support OPENPGPKEY DNS records in header as well?
either:
OpenPGP: dns:p...@nohats.ca
or
OpenPGP:
dns=ab16de0656382d91838914109ab89a0a4e04321550a1a20ace7a8b66._openpgpkey.nohats.ca
Perhaps add a reference to:
http://tools.ietf.org/html/draft-wouters-dane-openpgp
Paul
_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass