draft-ietf-openpgp-rfc4880bis-00.txt   draft-ietf-openpgp-rfc4880bis-01.txt 
Network Working Group W. Koch Network Working Group W. Koch
Internet-Draft Internet-Draft
Updates: 4880 (if approved) July 6, 2016 Updates: 4880 (if approved) January 2, 2017
Intended status: Standards Track Intended status: Standards Track
Expires: January 7, 2017 Expires: July 6, 2017
OpenPGP Message Format OpenPGP Message Format
draft-ietf-openpgp-rfc4880bis-00 draft-ietf-openpgp-rfc4880bis-01
Abstract Abstract
{ Work in progress to update the OpenPGP specification from RFC4880 } { Work in progress to update the OpenPGP specification from RFC4880 }
This document is maintained in order to publish all necessary This document is maintained in order to publish all necessary
information needed to develop interoperable applications based on the information needed to develop interoperable applications based on the
OpenPGP format. It is not a step-by-step cookbook for writing an OpenPGP format. It is not a step-by-step cookbook for writing an
application. It describes only the format and methods needed to application. It describes only the format and methods needed to
read, check, generate, and write conforming packets crossing any read, check, generate, and write conforming packets crossing any
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 7, 2017. This Internet-Draft will expire on July 6, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 3, line 4 skipping to change at page 3, line 4
4.2.1. {4.2.1} Old Format Packet Lengths . . . . . . . . . . 14 4.2.1. {4.2.1} Old Format Packet Lengths . . . . . . . . . . 14
4.2.2. {4.2.2} New Format Packet Lengths . . . . . . . . . . 15 4.2.2. {4.2.2} New Format Packet Lengths . . . . . . . . . . 15
4.2.3. {4.2.3} Packet Length Examples . . . . . . . . . . . 16 4.2.3. {4.2.3} Packet Length Examples . . . . . . . . . . . 16
4.3. {4.3} Packet Tags . . . . . . . . . . . . . . . . . . . . 17 4.3. {4.3} Packet Tags . . . . . . . . . . . . . . . . . . . . 17
5. {5} Packet Types . . . . . . . . . . . . . . . . . . . . . . 17 5. {5} Packet Types . . . . . . . . . . . . . . . . . . . . . . 17
5.1. {5.1} Public-Key Encrypted Session Key Packets (Tag 1) . 17 5.1. {5.1} Public-Key Encrypted Session Key Packets (Tag 1) . 17
5.2. {5.2} Signature Packet (Tag 2) . . . . . . . . . . . . . 19 5.2. {5.2} Signature Packet (Tag 2) . . . . . . . . . . . . . 19
5.2.1. {5.2.1} Signature Types . . . . . . . . . . . . . . . 19 5.2.1. {5.2.1} Signature Types . . . . . . . . . . . . . . . 19
5.2.2. {5.2.2} Version 3 Signature Packet Format . . . . . . 21 5.2.2. {5.2.2} Version 3 Signature Packet Format . . . . . . 21
5.2.3. {5.2.3} Version 4 Signature Packet Format . . . . . . 24 5.2.3. {5.2.3} Version 4 Signature Packet Format . . . . . . 24
5.2.4. {5.2.4} Computing Signatures . . . . . . . . . . . . 38 5.2.4. {5.2.4} Computing Signatures . . . . . . . . . . . . 40
5.3. {5.3} Symmetric-Key Encrypted Session Key Packets (Tag 3) 40 5.3. {5.3} Symmetric-Key Encrypted Session Key Packets (Tag 3) 41
5.4. {5.4} One-Pass Signature Packets (Tag 4) . . . . . . . . 41 5.4. {5.4} One-Pass Signature Packets (Tag 4) . . . . . . . . 42
5.5. {5.5} Key Material Packet . . . . . . . . . . . . . . . . 42 5.5. {5.5} Key Material Packet . . . . . . . . . . . . . . . . 43
5.5.1. {5.5.1} Key Packet Variants . . . . . . . . . . . . . 42 5.5.1. {5.5.1} Key Packet Variants . . . . . . . . . . . . . 43
5.5.2. {5.5.2} Public-Key Packet Formats . . . . . . . . . . 43 5.5.2. {5.5.2} Public-Key Packet Formats . . . . . . . . . . 44
5.5.3. {5.5.3} Secret-Key Packet Formats . . . . . . . . . . 46 5.5.3. {5.5.3} Secret-Key Packet Formats . . . . . . . . . . 47
5.6. {5.6} Compressed Data Packet (Tag 8) . . . . . . . . . . 48 5.6. {5.6} Compressed Data Packet (Tag 8) . . . . . . . . . . 49
5.7. {5.7} Symmetrically Encrypted Data Packet (Tag 9) . . . . 48 5.7. {5.7} Symmetrically Encrypted Data Packet (Tag 9) . . . . 49
5.8. {5.8} Marker Packet (Obsolete Literal Packet) (Tag 10) . 49 5.8. {5.8} Marker Packet (Obsolete Literal Packet) (Tag 10) . 50
5.9. {5.9} Literal Data Packet (Tag 11) . . . . . . . . . . . 49 5.9. {5.9} Literal Data Packet (Tag 11) . . . . . . . . . . . 51
5.10. {5.10} Trust Packet (Tag 12) . . . . . . . . . . . . . . 50 5.10. {5.10} Trust Packet (Tag 12) . . . . . . . . . . . . . . 52
5.11. {5.11} User ID Packet (Tag 13) . . . . . . . . . . . . . 51 5.11. {5.11} User ID Packet (Tag 13) . . . . . . . . . . . . . 52
5.12. {5.12} User Attribute Packet (Tag 17) . . . . . . . . . . 51 5.12. {5.12} User Attribute Packet (Tag 17) . . . . . . . . . . 52
5.12.1. {5.12.1} The Image Attribute Subpacket . . . . . . . 52 5.12.1. {5.12.1} The Image Attribute Subpacket . . . . . . . 53
5.12.2. User ID Attribute Subpacket . . . . . . . . . . . . 52 5.12.2. User ID Attribute Subpacket . . . . . . . . . . . . 53
5.13. {5.13} Sym. Encrypted Integrity Protected Data Packet 5.13. {5.13} Sym. Encrypted Integrity Protected Data Packet
(Tag 18) . . . . . . . . . . . . . . . . . . . . . . . . 53 (Tag 18) . . . . . . . . . . . . . . . . . . . . . . . . 54
5.14. {5.14} Modification Detection Code Packet (Tag 19) . . . 56 5.14. {5.14} Modification Detection Code Packet (Tag 19) . . . 57
6. {6} Radix-64 Conversions . . . . . . . . . . . . . . . . . . 56 6. {6} Radix-64 Conversions . . . . . . . . . . . . . . . . . . 58
6.1. {6.1} An Implementation of the CRC-24 in "C" . . . . . . 57 6.1. {6.1} An Implementation of the CRC-24 in "C" . . . . . . 58
6.2. {6.2} Forming ASCII Armor . . . . . . . . . . . . . . . . 58 6.2. {6.2} Forming ASCII Armor . . . . . . . . . . . . . . . . 59
6.3. {6.3} Encoding Binary in Radix-64 . . . . . . . . . . . . 60 6.3. {6.3} Encoding Binary in Radix-64 . . . . . . . . . . . . 61
6.4. {6.4} Decoding Radix-64 . . . . . . . . . . . . . . . . . 61 6.4. {6.4} Decoding Radix-64 . . . . . . . . . . . . . . . . . 63
6.5. {6.5} Examples of Radix-64 . . . . . . . . . . . . . . . 62 6.5. {6.5} Examples of Radix-64 . . . . . . . . . . . . . . . 63
6.6. {6.6} Example of an ASCII Armored Message . . . . . . . . 62 6.6. {6.6} Example of an ASCII Armored Message . . . . . . . . 64
7. {7} Cleartext Signature Framework . . . . . . . . . . . . . . 63 7. {7} Cleartext Signature Framework . . . . . . . . . . . . . . 64
7.1. {7.1} Dash-Escaped Text . . . . . . . . . . . . . . . . . 63 7.1. {7.1} Dash-Escaped Text . . . . . . . . . . . . . . . . . 65
8. {8} Regular Expressions . . . . . . . . . . . . . . . . . . . 64 8. {8} Regular Expressions . . . . . . . . . . . . . . . . . . . 66
9. {9} Constants . . . . . . . . . . . . . . . . . . . . . . . . 65 9. {9} Constants . . . . . . . . . . . . . . . . . . . . . . . . 66
9.1. {9.1} Public-Key Algorithms . . . . . . . . . . . . . . . 65 9.1. {9.1} Public-Key Algorithms . . . . . . . . . . . . . . . 67
9.2. ECC Curve OID . . . . . . . . . . . . . . . . . . . . . . 66 9.2. ECC Curve OID . . . . . . . . . . . . . . . . . . . . . . 67
9.3. {9.2} Symmetric-Key Algorithms . . . . . . . . . . . . . 66 9.3. {9.2} Symmetric-Key Algorithms . . . . . . . . . . . . . 68
9.4. {9.3} Compression Algorithms . . . . . . . . . . . . . . 67 9.4. {9.3} Compression Algorithms . . . . . . . . . . . . . . 69
9.5. {9.4} Hash Algorithms . . . . . . . . . . . . . . . . . . 67 9.5. {9.4} Hash Algorithms . . . . . . . . . . . . . . . . . . 69
10. {10} IANA Considerations . . . . . . . . . . . . . . . . . . 68 10. {10} IANA Considerations . . . . . . . . . . . . . . . . . . 70
10.1. {10.1} New String-to-Key Specifier Types . . . . . . . . 68 10.1. {10.1} New String-to-Key Specifier Types . . . . . . . . 70
10.2. {10.2} New Packets . . . . . . . . . . . . . . . . . . . 68 10.2. {10.2} New Packets . . . . . . . . . . . . . . . . . . . 70
10.2.1. {10.2.1} User Attribute Types . . . . . . . . . . . 69 10.2.1. {10.2.1} User Attribute Types . . . . . . . . . . . 70
10.2.2. {10.2.1.1} Image Format Subpacket Types . . . . . . 69 10.2.2. {10.2.1.1} Image Format Subpacket Types . . . . . . 71
10.2.3. {10.2.2} New Signature Subpackets . . . . . . . . . 69 10.2.3. {10.2.2} New Signature Subpackets . . . . . . . . . 71
10.2.4. {10.2.3} New Packet Versions . . . . . . . . . . . . 71 10.2.4. {10.2.3} New Packet Versions . . . . . . . . . . . . 73
10.3. {10.3} New Algorithms . . . . . . . . . . . . . . . . . 72 10.3. {10.3} New Algorithms . . . . . . . . . . . . . . . . . 73
10.3.1. {10.3.1} Public-Key Algorithms . . . . . . . . . . . 72 10.3.1. {10.3.1} Public-Key Algorithms . . . . . . . . . . . 74
10.3.2. {10.3.2} Symmetric-Key Algorithms . . . . . . . . . 72 10.3.2. {10.3.2} Symmetric-Key Algorithms . . . . . . . . . 74
10.3.3. {10.3.3} Hash Algorithms . . . . . . . . . . . . . . 73 10.3.3. {10.3.3} Hash Algorithms . . . . . . . . . . . . . . 74
10.3.4. {10.3.4} Compression Algorithms . . . . . . . . . . 73 10.3.4. {10.3.4} Compression Algorithms . . . . . . . . . . 75
11. {11} Packet Composition . . . . . . . . . . . . . . . . . . . 73 11. {11} Packet Composition . . . . . . . . . . . . . . . . . . . 75
11.1. {11.1} Transferable Public Keys . . . . . . . . . . . . 73 11.1. {11.1} Transferable Public Keys . . . . . . . . . . . . 75
11.2. {11.2} Transferable Secret Keys . . . . . . . . . . . . 75 11.2. {11.2} Transferable Secret Keys . . . . . . . . . . . . 76
11.3. {11.3} OpenPGP Messages . . . . . . . . . . . . . . . . 75 11.3. {11.3} OpenPGP Messages . . . . . . . . . . . . . . . . 77
11.4. {11.4} Detached Signatures . . . . . . . . . . . . . . . 76 11.4. {11.4} Detached Signatures . . . . . . . . . . . . . . . 77
12. {12} Enhanced Key Formats . . . . . . . . . . . . . . . . . . 76 12. {12} Enhanced Key Formats . . . . . . . . . . . . . . . . . . 78
12.1. {12.1} Key Structures . . . . . . . . . . . . . . . . . 76 12.1. {12.1} Key Structures . . . . . . . . . . . . . . . . . 78
12.2. {12.2} Key IDs and Fingerprints . . . . . . . . . . . . 77 12.2. {12.2} Key IDs and Fingerprints . . . . . . . . . . . . 79
13. Elliptic Curve Cryptography . . . . . . . . . . . . . . . . . 78 13. Elliptic Curve Cryptography . . . . . . . . . . . . . . . . . 80
13.1. Supported ECC Curves . . . . . . . . . . . . . . . . . . 78 13.1. Supported ECC Curves . . . . . . . . . . . . . . . . . . 80
13.2. ECDSA and ECDH Conversion Primitives . . . . . . . . . . 79 13.2. ECDSA and ECDH Conversion Primitives . . . . . . . . . . 81
13.3. EdDSA Point Format . . . . . . . . . . . . . . . . . . . 79 13.3. EdDSA Point Format . . . . . . . . . . . . . . . . . . . 81
13.4. Key Derivation Function . . . . . . . . . . . . . . . . 80 13.4. Key Derivation Function . . . . . . . . . . . . . . . . 82
13.5. EC DH Algorithm (ECDH) . . . . . . . . . . . . . . . . . 80 13.5. EC DH Algorithm (ECDH) . . . . . . . . . . . . . . . . . 82
14. {13} Notes on Algorithms . . . . . . . . . . . . . . . . . . 83 14. {13} Notes on Algorithms . . . . . . . . . . . . . . . . . . 85
14.1. {13.1} PKCS#1 Encoding in OpenPGP . . . . . . . . . . . 83 14.1. {13.1} PKCS#1 Encoding in OpenPGP . . . . . . . . . . . 85
14.1.1. {13.1.1} EME-PKCS1-v1_5-ENCODE . . . . . . . . . . . 83 14.1.1. {13.1.1} EME-PKCS1-v1_5-ENCODE . . . . . . . . . . . 85
14.1.2. {13.1.2} EME-PKCS1-v1_5-DECODE . . . . . . . . . . . 84 14.1.2. {13.1.2} EME-PKCS1-v1_5-DECODE . . . . . . . . . . . 86
14.1.3. {13.1.3} EMSA-PKCS1-v1_5 . . . . . . . . . . . . . . 85 14.1.3. {13.1.3} EMSA-PKCS1-v1_5 . . . . . . . . . . . . . . 87
14.2. {13.2} Symmetric Algorithm Preferences . . . . . . . . . 86 14.2. {13.2} Symmetric Algorithm Preferences . . . . . . . . . 88
14.3. {13.3} Other Algorithm Preferences . . . . . . . . . . . 87 14.3. {13.3} Other Algorithm Preferences . . . . . . . . . . . 89
14.3.1. {13.3.1} Compression Preferences . . . . . . . . . . 87 14.3.1. {13.3.1} Compression Preferences . . . . . . . . . . 89
14.3.2. {13.3.2} Hash Algorithm Preferences . . . . . . . . 88 14.3.2. {13.3.2} Hash Algorithm Preferences . . . . . . . . 90
14.4. {13.4} Plaintext . . . . . . . . . . . . . . . . . . . . 88 14.4. {13.4} Plaintext . . . . . . . . . . . . . . . . . . . . 90
14.5. {13.5} RSA . . . . . . . . . . . . . . . . . . . . . . . 88 14.5. {13.5} RSA . . . . . . . . . . . . . . . . . . . . . . . 90
14.6. {13.6} DSA . . . . . . . . . . . . . . . . . . . . . . . 88 14.6. {13.6} DSA . . . . . . . . . . . . . . . . . . . . . . . 90
14.7. {13.7} Elgamal . . . . . . . . . . . . . . . . . . . . . 89 14.7. {13.7} Elgamal . . . . . . . . . . . . . . . . . . . . . 91
14.8. EdDSA . . . . . . . . . . . . . . . . . . . . . . . . . 89 14.8. EdDSA . . . . . . . . . . . . . . . . . . . . . . . . . 91
14.9. {13.8} Reserved Algorithm Numbers . . . . . . . . . . . 89 14.9. {13.8} Reserved Algorithm Numbers . . . . . . . . . . . 91
14.10. {13.9} OpenPGP CFB Mode . . . . . . . . . . . . . . . . 90 14.10. {13.9} OpenPGP CFB Mode . . . . . . . . . . . . . . . . 92
14.11. {13.10} Private or Experimental Parameters . . . . . . . 91 14.11. {13.10} Private or Experimental Parameters . . . . . . . 93
14.12. {13.11} Extension of the MDC System . . . . . . . . . . 91 14.12. {13.11} Extension of the MDC System . . . . . . . . . . 93
14.13. {13.12} Meta-Considerations for Expansion . . . . . . . 92 14.13. {13.12} Meta-Considerations for Expansion . . . . . . . 94
15. {14} Security Considerations . . . . . . . . . . . . . . . . 92 15. {14} Security Considerations . . . . . . . . . . . . . . . . 94
16. Compatibility Profiles . . . . . . . . . . . . . . . . . . . 99 16. Compatibility Profiles . . . . . . . . . . . . . . . . . . . 101
16.1. OpenPGP ECC Profile . . . . . . . . . . . . . . . . . . 99 16.1. OpenPGP ECC Profile . . . . . . . . . . . . . . . . . . 101
16.2. Suite-B Profile . . . . . . . . . . . . . . . . . . . . 100 16.2. Suite-B Profile . . . . . . . . . . . . . . . . . . . . 102
16.3. Security Strength at 192 Bits . . . . . . . . . . . . . 100 16.3. Security Strength at 192 Bits . . . . . . . . . . . . . 102
16.4. Security Strength at 128 Bits . . . . . . . . . . . . . 100 16.4. Security Strength at 128 Bits . . . . . . . . . . . . . 102
17. {15} Implementation Nits . . . . . . . . . . . . . . . . . . 100 17. {15} Implementation Nits . . . . . . . . . . . . . . . . . . 102
18. References . . . . . . . . . . . . . . . . . . . . . . . . . 102 18. References . . . . . . . . . . . . . . . . . . . . . . . . . 104
18.1. Normative References . . . . . . . . . . . . . . . . . . 102 18.1. Normative References . . . . . . . . . . . . . . . . . . 104
18.2. Informative References . . . . . . . . . . . . . . . . . 104 18.2. Informative References . . . . . . . . . . . . . . . . . 106
Appendix A. Test vectors . . . . . . . . . . . . . . . . . . . . 105 Appendix A. Test vectors . . . . . . . . . . . . . . . . . . . . 107
A.1. Sample EdDSA key . . . . . . . . . . . . . . . . . . . . 105 A.1. Sample EdDSA key . . . . . . . . . . . . . . . . . . . . 107
A.2. Sample EdDSA signature . . . . . . . . . . . . . . . . . 106 A.2. Sample EdDSA signature . . . . . . . . . . . . . . . . . 108
Appendix B. ECC Point compression flag bytes . . . . . . . . . . 106 Appendix B. ECC Point compression flag bytes . . . . . . . . . . 108
Appendix C. Changes since RFC-4880 . . . . . . . . . . . . . . . 107 Appendix C. Changes since RFC-4880 . . . . . . . . . . . . . . . 109
Appendix D. The principal authors of RFC-4880 are as follows: . 107 Appendix D. The principal authors of RFC-4880 are as follows: . 109
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 107 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 109
1. {1} Introduction 1. {1} Introduction
{ This is work in progress to update OpenPGP. Editorial notes are { This is work in progress to update OpenPGP. Editorial notes are
enclosed in curly braces. The section numbers from RFC4880 are also enclosed in curly braces. The section numbers from RFC4880 are also
indicated in curly braces. } indicated in curly braces. }
This document provides information on the message-exchange packet This document provides information on the message-exchange packet
formats used by OpenPGP to provide encryption, decryption, signing, formats used by OpenPGP to provide encryption, decryption, signing,
and key management functions. It is a revision of RFC 2440, "OpenPGP and key management functions. It is a revision of RFC 2440, "OpenPGP
skipping to change at page 26, line 51 skipping to change at page 27, line 37
| 23 | Key Server Preferences | | 23 | Key Server Preferences |
| 24 | Preferred Key Server | | 24 | Preferred Key Server |
| 25 | Primary User ID | | 25 | Primary User ID |
| 26 | Policy URI | | 26 | Policy URI |
| 27 | Key Flags | | 27 | Key Flags |
| 28 | Signer's User ID | | 28 | Signer's User ID |
| 29 | Reason for Revocation | | 29 | Reason for Revocation |
| 30 | Features | | 30 | Features |
| 31 | Signature Target | | 31 | Signature Target |
| 32 | Embedded Signature | | 32 | Embedded Signature |
| 33 | Issuer Fingerprint |
| 100 to 110 | Private or experimental | | 100 to 110 | Private or experimental |
+-------------+-----------------------------------------+ +-------------+-----------------------------------------+
An implementation SHOULD ignore any subpacket of a type that it does An implementation SHOULD ignore any subpacket of a type that it does
not recognize. not recognize.
Bit 7 of the subpacket type is the "critical" bit. If set, it Bit 7 of the subpacket type is the "critical" bit. If set, it
denotes that the subpacket is one that is critical for the evaluator denotes that the subpacket is one that is critical for the evaluator
of the signature to recognize. If a subpacket is encountered that is of the signature to recognize. If a subpacket is encountered that is
marked critical but is unknown to the evaluating software, the marked critical but is unknown to the evaluating software, the
skipping to change at page 29, line 9 skipping to change at page 29, line 45
(4-octet time field) (4-octet time field)
The time the signature was made. The time the signature was made.
MUST be present in the hashed area. MUST be present in the hashed area.
5.2.3.5. {5.2.3.5} Issuer 5.2.3.5. {5.2.3.5} Issuer
(8-octet Key ID) (8-octet Key ID)
The OpenPGP Key ID of the key issuing the signature. The OpenPGP Key ID of the key issuing the signature. If the version
of that key is greater than 4, this subpacket MUST NOT be included in
the signature.
5.2.3.6. {5.2.3.6} Key Expiration Time 5.2.3.6. {5.2.3.6} Key Expiration Time
(4-octet time field) (4-octet time field)
The validity period of the key. This is the number of seconds after The validity period of the key. This is the number of seconds after
the key creation time that the key expires. If this is not present the key creation time that the key expires. If this is not present
or has a value of zero, the key never expires. This is found only on or has a value of zero, the key never expires. This is found only on
a self-signature. a self-signature.
skipping to change at page 38, line 45 skipping to change at page 39, line 45
have 20 octets of hash data. have 20 octets of hash data.
5.2.3.26. {5.2.3.26} Embedded Signature 5.2.3.26. {5.2.3.26} Embedded Signature
(1 signature packet body) (1 signature packet body)
This subpacket contains a complete Signature packet body as specified This subpacket contains a complete Signature packet body as specified
in Section 5.2 above. It is useful when one signature needs to refer in Section 5.2 above. It is useful when one signature needs to refer
to, or be incorporated in, another signature. to, or be incorporated in, another signature.
5.2.3.27. Issuer Fingerprint
(1 octet key version number, N octets of fingerprint)
The OpenPGP Key fingerprint of the key issuing the signature. This
subpacket SHOULD be included in all signatures. If the version of
the issuing key is 4 and an Issuer subpacket is also included in the
signature, the key ID of the Issuer subpacket MUST match the low 64
bits of the fingerprint.
Note that the length N of the fingerprint for a version 4 key is 20
octets.
5.2.4. {5.2.4} Computing Signatures 5.2.4. {5.2.4} Computing Signatures
All signatures are formed by producing a hash over the signature All signatures are formed by producing a hash over the signature
data, and then using the resulting hash in the signature algorithm. data, and then using the resulting hash in the signature algorithm.
For binary document signatures (type 0x00), the document data is For binary document signatures (type 0x00), the document data is
hashed directly. For text document signatures (type 0x01), the hashed directly. For text document signatures (type 0x01), the
document is canonicalized by converting line endings to <CR><LF>, and document is canonicalized by converting line endings to <CR><LF>, and
the resulting data is hashed. the resulting data is hashed.
skipping to change at page 107, line 17 skipping to change at page 109, line 17
o Applied errata 2270, 2271, 2242, 3298. o Applied errata 2270, 2271, 2242, 3298.
o Added Camellia cipher from RFC 5581. o Added Camellia cipher from RFC 5581.
o Incorporated RFC 6637 (ECC for OpenPGP) o Incorporated RFC 6637 (ECC for OpenPGP)
o Added draft-atkins-openpgp-device-certificates o Added draft-atkins-openpgp-device-certificates
o Added draft-koch-eddsa-for-openpgp-04 o Added draft-koch-eddsa-for-openpgp-04
o Added Issuer Fingerprint signature subpacket.
{ Informational rfcs: [RFC1423] } { Informational rfcs: [RFC1423] }
Appendix D. The principal authors of RFC-4880 are as follows: Appendix D. The principal authors of RFC-4880 are as follows:
Jon Callas Jon Callas
EMail: jon@callas.org EMail: jon@callas.org
Lutz Donnerhacke Lutz Donnerhacke
EMail: lutz@iks-jena.de EMail: lutz@iks-jena.de
 End of changes. 11 change blocks. 
102 lines changed or deleted 120 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/