Conflicting subpackets

Paul Schaub 2023-09-25 14:49:46 +02:00
parent 4e2fa874c7
commit 25ab20ecd9
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311


@ -68,7 +68,14 @@ The unhashed area can be used to retroactively add, change or remove subpackets
Due to the fact that the unhashed area doesn't provide any cryptographic guarantees, it is only intended for advisory packets, or packets that self-authenticate (e.g. issuer key ID / issuer fingerprint subpackets, whose "correctness" can be proven by successfully verifying the signature using the referenced issuer key).
In most cases, signature subpackets are simply added into the hashed area.
Since the hashed and unhashed areas of a signature are just lists of subpackets, in principle they allow duplicates of the same subpacket, which might lead to conflicts.
Therefore, packets in the hashed area take precendence over the unhashed area.
However, there may still be conflicts between packets in the same area, e.g. two conflicting expiration dates, etc.
The specification recommends that implementations favor the last occurence of a conflicting packet.
In some cases, duplicate packets with conflicting content even make sense, e.g. if a signature was made by a version 6 issuer key whose key material was migrated from an older OpenPGP version such as v4.
In this case, the v4 key could be used to validate the v6 signature, but since the fingerprint and key ID calculation scheme was changed between v4 and v6, these identifiers would differ.
Therefore, the signature could contain two sets of issuer fingerprint and isuer key ID subpackets with conflicting, but correct values.
```
- Key Flags
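
Review bot: The sentence "The specification recommends that implementations favor the last occurence of a conflicting packet." gives no pointer to where the specification says this, and it does not tell the reader that a recommendation leaves room for implementations to resolve the same signature differently. Please link the relevant section and say whether the rule is applied per area, since the preceding sentence already gives the hashed area priority over the unhashed one. That preceding sentence opens with "Therefore", but the precedence rule does not follow from duplicates being possible; wording such as "To resolve such conflicts, packets in the hashed area take precedence" would read more accurately. The added lines also contain three spelling errors: "precendence" should be "precedence", "occurence" should be "occurrence", and "isuer key ID" should be "issuer key ID".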