Re: Adding a pointer to a WebID in a GPG pubkey from Olivier Berger on 2013-08-27 (public-webid@w3.org from August 2013)

From: Olivier Berger <olivier.berger@telecom-sudparis.eu>
Date: Tue, 27 Aug 2013 23:05:25 +0200
To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: public-webid <public-webid@w3.org>
Message-ID: <87a9k2hmju.fsf@inf-8660.int-evry.fr>

Melvin Carvalho <melvincarvalho@gmail.com> writes:

> On 27 August 2013 17:13, Olivier Berger
> <olivier.berger@telecom-sudparis.eu>wrote:
>
>
> Is there anything the equivalent of subjectAlternativeName in GPG ... or
> maybe ive misunderstood the problem?
>

Not yet, but, as I mentioned :

Olivier Berger <olivier.berger@it-sudparis.eu> writes:
>
> Btw, in principle, there could be other kinds of "user attributes"
> ("5.12. User Attribute Packet) than the "image attribute" subpacket,
> alhough the specs don't describe them.
>
>    The User Attribute packet is made up of one or more attribute
>    subpackets.  Each subpacket consists of a subpacket header and a
>    body.  The header consists of:
>
>      - the subpacket length (1, 2, or 5 octets)
>
>      - the subpacket type (1 octet)
>
>    and is followed by the subpacket specific data.
>
>    The only currently defined subpacket type is 1, signifying an image.
>    An implementation SHOULD ignore any subpacket of a type that it does
>    not recognize.  Subpacket types 100 through 110 are reserved for
>    private or experimental use.
>
> So I guess it could in principle be possible to have a real RDF fragment
> as such user attributes, that the pubkey could transport, which could be
> self signed or cross signed by others, much like the current user ids or
> photo ids.
>
> Let's see if someone follows such paths some day...
>

... and not so surprisingly, someone seems to have actually already
followed that track ;-) :

http://tools.ietf.org/html/draft-groth-openpgp-attribute-extension-00

which explicitely mentions :

 3.1. New User Attribute Type -- subjectAltNames

   OpenPGP has for the longest time been mostly used for text based
   communication and file encryption, so the User ID section of keys
   contain a name, an email address and possibly a comment.

   For computer based systems to be able to easily parse the
   information present, this draft assigns a new User Attribute Packet
   type as defined in RFC 4880, to be used for Subject Alternative
   Names.

   This section defers options to RFC 3280, section 4.2.1.7. However
   this section heavily references certificate authorities and for the
   purposes of OpenPGP this is interchangeable with any certifying
   agent.

Funny ;)

Is WebID + OpenPGP taking shape ? ;)

My 2 cents again.

Best regards,
-- 
Olivier BERGER 
http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8
Ingenieur Recherche - Dept INF
Institut Mines-Telecom, Telecom SudParis, Evry (France)

Received on Tuesday, 27 August 2013 21:05:54 UTC