draft-josefsson-openpgp-mailnews-header-01.txt

http://josefsson.org/openpgp-header/

Atom Smasher's idea, he wrote a write-up and posted it to GnuPG mailing list. Simon Josefsson helped by co-editing it into an I-D.

Recognize these?

X-PGP: 
X-PGP-Key:
X-Request-PGP:
X-PGP-KeyID:
X-PGP-Fingerprint:

Standardize

   openpgp   :=  "OpenPGP:" id-or-url /
                            (openpgp-parameter *(";" openpgp-parameter))
                            CRLF

   id-or-url := id / url

   id        := *HEXDIG

   url       := absoluteURI  ; Defined in RFC 2396.

   openpgp-parameter
              := ("id" "=" id) /
                 ("url" "=" url) /
                 parameter   ; See RFC 2045 for definition of parameter.

Examples

OpenPGP: 12345678
OpenPGP: id=12345678
OpenPGP: http://example.com/key.txt
OpenPGP: url=http://example.com/key.txt
OpenPGP: url=http://example.com/key.txt; id=12345678
OpenPGP: id=12345678; url=http://example.com/key.txt
OpenPGP: url=http://example.com/key.txt (down 2-3pm UTC);
         id=12345678 (this key is only used at the office)

Q: What problem is solved here?

A side effect of this effort may be to establish and document exactly what applications and/or people use these headers for.

If you know of other uses, please share.

Generally, important to make sure header information does not affect trust logic or processing in any way. The header is a hint, and everything should work if the header is absent or incorrect.

Open Issues aka Why I am Here

Supports token

Add a "supports" token that indicate sender's support and/or preference of PGP/MIME, vanilla PGP, or PGP-hybrid-MIME.

IMHO, we MUST NOT suggest use of anything but PGP/MIME. The others are EVIL. See Inline PGP in E-mail is bad, Mm'kay?.

However, could be a boolean to say "SEND ME PGP E-MAIL".

Thoughts on how it compete or work together with a key packet extension are appreciated.

Keyserver field?

Jeroen Massar wanted to store key server address. Comments?