GNU extensions to read_s2k for 2.5.x
Daniel Kahn Gillmor
dkg-debian.org at fifthhorseman.net
Fri Aug 22 19:19:04 CEST 2008
Hi Werner--
On Fri 2008-08-22 10:59:22 -0400, Werner Koch wrote:
> On Fri, 22 Aug 2008 07:14, dkg-debian.org at fifthhorseman.net said:
>
>> I'm not proposing that we handle mode 1002 yet (i haven't
>> encountered it and don't know how we'd talk to the smartcard
>> anyway), but
>
> It encodes the smartcard's seriaon number so the user can be asked
> to put in the right card and gpg diverts the opwrations to the
> smartcard code.
If you could include the concrete details of how the serial number is
represented in doc/DETAILS, that would be great!
>> semantically, the code i asked you to commit now seems slightly
>> wrong. In particular, it treats S2K mode 101 as GNU-Dummy, when in
>> fact it should be "GNU Extensions", and it should just test the
>> data after the hash to find out whether it's the gnu-dummy
>> extension or not.
>
> Background: The reason for this is that 101 is an OpenPGP identifier
> to be used for experimental/testing algorithms and thus we need to
> make sure that there is no ID clash. Adding the string "GNU" should
> be sufficient and the extra ID after the GNU allows us to even add
> more algorithms.
This is a very forward-thinking approach. I hope my revised patch
honors your original intentions. Thanks for setting it up this way,
Werner.
I personally think that GNU-dummy is useful enough (and simple enough)
that something like it should be submitted to the S2K extension
registry, as described in RFC 4880 section 10.1 [0] to encourage the
ability to store partial keyrings.
Regards,
--dkg
[0] http://tools.ietf.org/html/rfc4880#section-10.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: </pipermail/attachments/20080822/45beaeb7/attachment.pgp>
More information about the Gnutls-devel
mailing list