gnu-crypto-discuss

[GNU Crypto] Updated Keyring spec


From: Casey Marshall
Subject: [GNU Crypto] Updated Keyring spec
Date: Tue, 16 Sep 2003 05:09:30 -0700
User-agent: Mutt/1.4i

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi.

After a bit of pondering, I've made some changes to the in-progress
keyring spec <http://metastatic.org/text/gnu-keyring.txt>. To summarize:

  * Keyring sequences have been removed. This was a kludge from the very
    beginning, and was addressing something that wasn't really a
    problem.

  * The document now only describes two forms of keyring -- one for
    trusted certificates, one for personal credentials (public and
    private key pairs, personal certificates). The spec is actually left
    open on this -- i.e. it is possible to create keyrings that can
    contain different data, but the two defined in the spec are
    REQUIRED.

  * The alias field is gone, replaced by a mandatory property called
    "alias" in all primitive types.

  * Envelope types are required to have an "alias-list" property, which
    lists all contained aliases.

  * ENCRYPTED and AUTHENTICATED packets (i.e. non PBE ones) are now
    marked as OPTIONAL. All other packet types are REQUIRED.

Also, I'd like to pose some more questions:

  * Why not have sequences of packets (such as those contained in
    envelopes) end with an end-of-sequence marker, and remove the
    requirement of having the length precede the contained packets? This
    would make encoding easier, since you do not need to know the
    encoded length of the objects you are writing beforehand.

Cheers,

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/Zv1bgAuWMgRGsWsRAr5wAJ95DKuCsIBQyRGcnCEVKtUauAP8cgCeK9qs
LY9aVXAQhcS/1yRBwnDf+Fk=
=2Qi8
-----END PGP SIGNATURE-----
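
The trade-off raised in the last question, as an added example that is not part of the original message or of the keyring spec: the type codes, the 1-byte type plus 4-byte length layout and all function names are assumptions chosen for illustration. It encodes the same envelope both ways and shows the check each decoder then depends on (declared length against available bytes, or a missing end marker).

```python
import io, struct
END, PRIMITIVE, ENVELOPE = 0x00, 0x01, 0x02  # hypothetical type codes, not from the spec

def write_primitive(out, payload):  # opaque payloads keep a length prefix in both schemes
    out.write(struct.pack(">BI", PRIMITIVE, len(payload)) + payload)

def encode_length_prefixed(payloads):  # children must be buffered before the header
    body = io.BytesIO()
    for p in payloads:
        write_primitive(body, p)
    return struct.pack(">BI", ENVELOPE, body.tell()) + body.getvalue()

def encode_marker_terminated(payloads, out):  # children stream straight to `out`
    out.write(bytes([ENVELOPE]))
    for p in payloads:
        write_primitive(out, p)
    out.write(bytes([END]))  # one END byte closes the sequence

def read_exact(src, n):
    data = src.read(n)
    if len(data) != n:
        raise ValueError("truncated input")
    return data

def read_child(src, kind):
    if kind != PRIMITIVE:
        raise ValueError("unexpected packet type")
    (length,) = struct.unpack(">I", read_exact(src, 4))
    return read_exact(src, length)

def decode_length_prefixed(data):
    src = io.BytesIO(data)
    kind, length = struct.unpack(">BI", read_exact(src, 5))
    if kind != ENVELOPE or 5 + length > len(data):
        raise ValueError("bad envelope type, or declared length exceeds input")
    children = []
    while src.tell() < 5 + length:
        children.append(read_child(src, read_exact(src, 1)[0]))
    if src.tell() != 5 + length:
        raise ValueError("child packet overruns envelope")
    return children

def decode_marker_terminated(data):
    src = io.BytesIO(data)
    if read_exact(src, 1)[0] != ENVELOPE:
        raise ValueError("not an envelope")
    children = []
    while (kind := read_exact(src, 1)[0]) != END:  # a missing END surfaces as truncation
        children.append(read_child(src, kind))
    return children
```

With the marker form a reader cannot skip an envelope without parsing every child in it, whereas the length form lets it seek past the envelope but obliges it to check the declared length against the input.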



