Re: Issuer Fingerprint

2015-01-14 Thread Werner Koch 
On Wed, 14 Jan 2015 00:54, 2014-667rhzu3dc-lists-gro...@riseup.net said:

> I thought we already took care of this with
> sig-notation issuer-...@notations.openpgp.fifthhorseman.net=%g [0]

But GnuPG does not know about this - it is Dkg's private thing.  Further
this triples the required size for each signature.

If we would do that with notaion data something like iss...@gnupg.org=
would be used.  But see the discussion on gnupg-devel.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Issuer Fingerprint (was: Vanity Keys)

2015-01-13 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Tuesday 13 January 2015 at 11:33:25 AM, in
, Werner Koch wrote:


> Should be pursue this
> task or take a quick solution by using notation data?

I thought we already took care of this with
sig-notation issuer-...@notations.openpgp.fifthhorseman.net=%g [0]

[0] 

- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

I don't suffer from insanity I enjoy every minute of it.
-BEGIN PGP SIGNATURE-

iQF8BAEBCgBmBQJUtbBNXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwIx8IALcVn0Fga/hLnz2iksk36PDk
IkIHNMfi4BmszL23i/CXnDVemDXzReIis1n0eWEicw8hkliEAZHKRMomKNnIqXB7
ezp+dnnhYghIuXCDNlYSigSZy0hyln/tR2Mb9bebQC29IxBuP4HIOQGBaJak6Bq1
oeCqfzcp0GNAqIT5MR/k+pJIQeW9NMLCam+5pv7vXrkgVsP+O0HdSRkZ3Ef8y/Vg
3RBF30JhCmpAVKuUeCTputryeBs3RFTQ6f2CbskUY6gvcKmHmofGpUG5eI2gmjKb
hvP3s2RGMewbYUNGZDmXJdaWdtkjsvNx3X/aM2x3IqUvGZ3eECQz2Op++VbcMbyI
vgQBFgoAZgUCVLWwVV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45MaNAQC2k5AjdZepyyvbbwYqgK0OzhFF
9Wz0TAvtpMEltAI1GQEA8RyAlAosJa5bO29y1UI2yIFT9B9iozy00H2vBSl49Qg=
=povV
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Issuer Fingerprint (was: Vanity Keys)

2015-01-13 Thread Werner Koch 
[Moving discussion to gnupg-devel]

On Tue, 13 Jan 2015 10:41, nicholas.c...@gmail.com said:

> Or a new revision of the standard, I suppose.  But I think that one or

A new key and signature packet version will take years to develop and
deploy.  Thus I think it is better to first do something within the
standard which will be backward compatible.

We currently use this subpacket:

  5.2.3.5.  Issuer

   (8-octet Key ID)

   The OpenPGP Key ID of the key issuing the signature.

A new optional subpacket:

5.2.3.27.  IssuerFingerprint

   (N-octet Key Fingerprint)

   The OpenPGP Fingerprint of the key issuing the signature.  For
   current versions of OpenPGP N has the value 20.  Future versions of
   OpenPGP may specify a different scheme for the fingerprint and thus
   another value for N.  Implementations should thus be prepared for
   other fingerprint lengths but honor this subpacket only if N is 20.

could be used to overcome duplicate key id problems.  The subpacket
type octet for that new subpacket would be 33.  Note that

  Adding a new Signature subpacket MUST be done through the IETF
  CONSENSUS method, as described in [RFC2434].

which takes quite some time.  Should be pursue this task or take a quick
solution by using notation data?

The size of a signature will increase by 22 or even more when using the
notation data approach.  This is noticeable but given that we are anyway
moving to the smaller ECC algorithms I think this is acceptable.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users