[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)

To: David Shaw <dshaw@xxxxxxxxxxxxxxx>
Subject: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
From: Jon Callas <jon@xxxxxxxxxx>
Date: Sun, 20 Jul 2003 14:22:42 -0700
Cc: OpenPGP <ietf-openpgp@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Microsoft-Entourage/10.1.1.2418

On 7/20/03 5:34 AM, "David Shaw" <dshaw@xxxxxxxxxxxxxxx> wrote:

> I'm not sure 2440 says that.  The relevant bit is in section 11.1,
> which says "In a key that has a main key and subkeys, the primary key
> MUST be a key capable of signing."
> 
> I took this, perhaps wrongly, at face value - that is, if a key had
> subkeys, the primary had to be able to sign (for the binding
> signatures, presumably).  The flip side of this is that if a key does
> not have subkeys (and there is nothing wrong with a V4 key without
> subkeys), the primary did not have to be able to sign.
> 
> Did I misinterpret the intent in 2440 there?  If "a key that has a
> main key and subkeys" was intended to mean "V4 key", then I strongly
> suggest changing it to say "V4 key" explicitly to avoid the confusion
> that spawned a good bit of this thread.

Uh, I thought that meant that the top-level key can't be an encrypt-only
key. So yes, I was quite sure that 2440 said what you wanted.

    Jon

References:
- Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
  - From: David Shaw

Prev by Date: Re: Adding in BZ2 compression?
Next by Date: Re: Adding in BZ2 compression?
Previous by thread: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
Next by thread: Re: Requiring self-signed uids? (was Re: PoP & Signer's User IDsubpacket?)
Index(es):
- Date
- Thread