
Re: key flag for authentication



On Sun, Jun 15, 2003 at 11:53:44AM -0400, Michael Young wrote:

> But, new flags can be structured to disambiguate new revisions
> from old.  For example, here we can add two bits:
>        0x20 - This key may be used for authentication.
>        0x40 - (Bit 0x20 is explicitly set.)
> Old signatures would have a zero in 0x40, so a new application
> can apply its own default (rather than having one imposed by
> the specification).  New signatures that actively decide on the
> value for the 0x20 bit must set 0x40.  (A new signer could also
> choose to accept the viewer's default by leaving 0x40 zero.)

I don't think this is really necessary.  The lack of a given flag
being set doesn't necessarily mean that the key *isn't* used for the
respective action.  The draft even uses the phrase "...stating a
preference...".

If anyone cares enough, they can certainly re-issue the signature with
the flag set.

David
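
The tri-state reading that the quoted two-bit proposal implies, as an added example that is not part of the original message or of any OpenPGP implementation: it walks a signature subpacket area, finds the key flags subpacket, and falls back to the verifier's own default when no explicit statement is present. The bit values 0x20 and 0x40 come from the quoted text; the function names are hypothetical, and treating 0x20 without 0x40 as "unspecified" is this example's assumption.

```python
from enum import Enum

KEY_FLAGS = 27        # OpenPGP signature subpacket type "key flags"
AUTH = 0x20           # quoted proposal: key may be used for authentication
AUTH_EXPLICIT = 0x40  # quoted proposal: signer actively decided bit 0x20


class Auth(Enum):
    ALLOWED = "explicitly allowed"
    DENIED = "explicitly denied"
    UNSPECIFIED = "no statement"


def iter_subpackets(area: bytes):
    """Yield (type, body) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        head = area[i:i + 5].ljust(5, b"\0")  # pad so a cut-off header fails the bounds check
        if head[0] < 192:
            hdr, length = 1, head[0]
        elif head[0] < 255:
            hdr, length = 2, ((head[0] - 192) << 8) + head[1] + 192
        else:
            hdr, length = 5, int.from_bytes(head[1:5], "big")
        start, end = i + hdr, i + hdr + length
        if length == 0 or end > len(area):
            raise ValueError("malformed or truncated subpacket")
        yield area[start] & 0x7F, area[start + 1:end]  # mask off the critical bit
        i = end


def auth_statement(area: bytes) -> Auth:
    """Tri-state reading of the first key flags subpacket (assumed policy)."""
    for sp_type, body in iter_subpackets(area):
        if sp_type == KEY_FLAGS and body:
            if not body[0] & AUTH_EXPLICIT:
                return Auth.UNSPECIFIED  # old signature, or signer defers to the verifier
            return Auth.ALLOWED if body[0] & AUTH else Auth.DENIED
    return Auth.UNSPECIFIED


def may_authenticate(area: bytes, local_default: bool) -> bool:
    stated = auth_statement(area)
    return local_default if stated is Auth.UNSPECIFIED else stated is Auth.ALLOWED


# Constructed sample data: a creation-time subpacket (type 2), then key flags.
CREATED = bytes.fromhex("05023eece0ef")
NEW_YES = CREATED + bytes.fromhex("021b60")  # 0x20 | 0x40
NEW_NO = CREATED + bytes.fromhex("021b40")   # 0x40 only
OLD_SIG = CREATED + bytes.fromhex("021b03")  # certify + sign, predates the new bits
```

With `OLD_SIG` the result follows `local_default` in either direction, which is the case the reply argues needs no extra bit: an unset flag is read as "no preference stated", not as a prohibition.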