key sig notation data in --with-colon mode?
Werner Koch
wk at gnupg.org
Tue Oct 4 08:53:59 CEST 2005
On Sun, 02 Oct 2005 03:00:50 +0200, Marcus Brinkmann said:
> Actually, I am not really ambitious about this. But it seems to me
> that a decision to only import/export the raw subpacket data is
> quite a deviation from the "design contract" that GPGME has with
> GnuPG. I am not sure that is really intentional, maybe Werner can
> clarify this.
Please recall that the aim of gpgme is not to be an all-purpose crypto
library but to provide a mostly protocol neutral interface for
encryption and signing of email and data. As such we have to take
care whether a certain feature is really required. I discussed the
notation thing with Marcus a few days ago and the basic reasons why we
came up with it are:
* To support the PKA feature (connecting keys to DNS).
* CMS and OpenPGP both provide features one might want to call
  notation data. Thus we can conclude that this is a common property
  of encryption protocols.
> of way. And starting to put RFC2440 parser logic into GPGME when we
> have come such a long way without it seems a major deviation to me,
We had the design goal that GPGME should not be aware of OpenPGP
internals. Let's avoid creating another airport[1].
Salam-Shalom,
Werner
[1] "The code is the crypto equivalent of Heathrow Airport."
- Peter Gutmann