vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-09 03:09:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

edit ch20 on signature packet versions

Browse source
This commit is contained in:
Tammi L. Coles 2024-01-19 16:23:25 +01:00
parent f476a96537
commit 708b7cc64c
1 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
book/source/adv/signatures.md
View file

@ -39,15 +39,13 @@ In contrast, when a message is created for a specific recipient, the sender can
In this workflow, the signed hash digest is created with a hash algorithm that meets the recipient's preferences as well as the sender's capabilities and preferences.
## Signature versions
## Conforming to signature packet versions
As described in the [RFC](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-signature-packet-type-id-2), the version of a generated signature packet must conform to the version of the key that issues the signature.
That is:
As described in the [RFC](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-signature-packet-type-id-2), the version of a generated signature packet must conform to the version of the key used to issue it. Specifically:
- OpenPGP version 6 keys must generate version 6 signature packets
- OpenPGP version 4 keys must generate version 4 signature packets
Note that some historical version 3 signature packets may still be relevant for applications that handle old OpenPGP data[^sig-v3]. These version 3 signature packets will have been generated by version 4 keys.
Some version 3 signature packets, while historical, may still be relevant for applications that handle legacy OpenPGP data[^sig-v3]. These version 3 signature packets will have been generated by version 4 keys.
[sig-v3]Version 4 signature packets were introduced in [RFC 2440](https://datatracker.ietf.org/doc/html/rfc2440#section-5.2) in 1998, which specifies that applications SHOULD generate v4 signature, however generation of v3 signature packets has remained allowed through [RFC 4880](https://www.rfc-editor.org/rfc/rfc4880.html#section-5.2).
[sig-v3]Version 4 signature packets were introduced in [RFC 2440](https://datatracker.ietf.org/doc/html/rfc2440#section-5.2) in 1998, which specifies that applications *should* generate v4 signatures. However, generation of v3 signature packets continued to be permissable as per [RFC 4880](https://www.rfc-editor.org/rfc/rfc4880.html#section-5.2).