Network Working Group                                        Jon Callas
Category: INTERNET-DRAFT                                PGP Corporation
draft-ietf-openpgp-rfc2440bis-07.txt
Expires Sep 2003                                       Lutz Donnerhacke
March 2003                           IN-Root-CA Individual Network e.V.
                                                             Hal Finney
                                                     Network Associates
                                                          Rodney Thayer

                        OpenPGP Message Format
draft-ietf-openpgp-rfc2440bis-07.txt
Copyright 2003 by The Internet Society. All Rights Reserved.
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
IESG Note
This document defines many tag values, yet it doesn't describe a
mechanism for adding new tags (for new features). Traditionally the
Internet Assigned Numbers Authority (IANA) handles the allocation of
new values for future expansion and RFCs usually define the
procedure to be used by the IANA. However, there are subtle (and not
so subtle) interactions that may occur in this protocol between new
features and existing features which result in a significant
reduction in overall security. Therefore, this document does not
define an extension procedure. Instead, requests to define new tag
values (for new encryption algorithms, for example) should be
forwarded to the IESG Security Area Directors for consideration or
forwarding to the appropriate IETF Working Group for consideration.
Callas, et al. Expires September 3, 2003 [Page 1]
INTERNET-DRAFT OpenPGP Message Format March 3, 2003
Abstract
This document is maintained in order to publish all necessary
information needed to develop interoperable applications based on
the OpenPGP format. It is not a step-by-step cookbook for writing an
application. It describes only the format and methods needed to
read, check, generate, and write conforming packets crossing any
network. It does not deal with storage and implementation questions.
It does, however, discuss implementation issues necessary to avoid
security flaws.
OpenPGP software uses a combination of strong public-key and
symmetric cryptography to provide security services for electronic
communications and data storage. These services include
confidentiality, key management, authentication, and digital
signatures. This document specifies the message formats used in
OpenPGP.
Table of Contents
Status of this Memo 1
IESG Note 1
Abstract 2
Table of Contents 3
1. Introduction 6
1.1. Terms 6
2. General functions 6
2.1. Confidentiality via Encryption 7
2.2. Authentication via Digital signature 7
2.3. Compression 8
2.4. Conversion to Radix-64 8
2.5. Signature-Only Applications 8
3. Data Element Formats 9
3.1. Scalar numbers 9
3.2. Multi-Precision Integers 9
3.3. Key IDs 9
3.4. Text 10
3.5. Time fields 10
3.6. Keyrings 10
3.7. String-to-key (S2K) specifiers 10
3.7.1. String-to-key (S2K) specifier types 10
3.7.1.1. Simple S2K 10
3.7.1.2. Salted S2K 11
3.7.1.3. Iterated and Salted S2K 11
3.7.2. String-to-key usage 12
3.7.2.1. Secret key encryption 12
3.7.2.2. Symmetric-key message encryption 13
4. Packet Syntax 13
4.1. Overview 13
4.2. Packet Headers 13
4.2.1. Old-Format Packet Lengths 14
4.2.2. New-Format Packet Lengths 14
4.2.2.1. One-Octet Lengths 15
4.2.2.2. Two-Octet Lengths 15
4.2.2.3. Five-Octet Lengths 15
4.2.2.4. Partial Body Lengths 15
4.2.3. Packet Length Examples 16
4.3. Packet Tags 16
5. Packet Types 17
5.1. Public-Key Encrypted Session Key Packets (Tag 1) 17
5.2. Signature Packet (Tag 2) 18
5.2.1. Signature Types 18
5.2.2. Version 3 Signature Packet Format 20
5.2.3. Version 4 Signature Packet Format 23
5.2.3.1. Signature Subpacket Specification 24
5.2.3.2. Signature Subpacket Types 25
5.2.3.3. Notes on Self-Signatures 25
5.2.3.4. Signature creation time 26
5.2.3.5. Issuer 26
5.2.3.6. Key expiration time 27
5.2.3.7. Preferred symmetric algorithms 27
5.2.3.8. Preferred hash algorithms 27
5.2.3.9. Preferred compression algorithms 27
5.2.3.10.Signature expiration time 27
5.2.3.11.Exportable Certification 27
5.2.3.12.Revocable 28
5.2.3.13.Trust signature 28
5.2.3.14.Regular expression 29
5.2.3.15.Revocation key 29
5.2.3.16.Notation Data 29
5.2.3.17.Key server preferences 30
5.2.3.18.Preferred key server 30
5.2.3.19.Primary user id 30
5.2.3.20.Policy URL 31
5.2.3.21.Key Flags 31
5.2.3.22.Signer's User ID 32
5.2.3.23.Reason for Revocation 32
5.2.3.24.Features 33
5.2.3.25.Signature Target 33
5.2.4. Computing Signatures 34
5.2.4.1. Subpacket Hints 35
5.3. Symmetric-Key Encrypted Session Key Packets (Tag 3) 35
5.4. One-Pass Signature Packets (Tag 4) 36
5.5. Key Material Packet 37
5.5.1. Key Packet Variants 37
5.5.1.1. Public Key Packet (Tag 6) 37
5.5.1.2. Public Subkey Packet (Tag 14) 37
5.5.1.3. Secret Key Packet (Tag 5) 37
5.5.1.4. Secret Subkey Packet (Tag 7) 37
5.5.2. Public Key Packet Formats 38
5.5.3. Secret Key Packet Formats 39
5.6. Compressed Data Packet (Tag 8) 41
5.7. Symmetrically Encrypted Data Packet (Tag 9) 41
5.8. Marker Packet (Obsolete Literal Packet) (Tag 10) 42
5.9. Literal Data Packet (Tag 11) 43
5.10. Trust Packet (Tag 12) 43
5.11. User ID Packet (Tag 13) 43
5.12. User Attribute Packet (Tag 17) 44
5.12.1. The Image Attribute Subpacket 44
5.13. Sym. Encrypted Integrity Protected Data Packet (Tag 18) 45
5.14. Modification Detection Code Packet (Tag 19) 47
6. Radix-64 Conversions 47
6.1. An Implementation of the CRC-24 in "C" 48
6.2. Forming ASCII Armor 48
6.3. Encoding Binary in Radix-64 51
6.4. Decoding Radix-64 52
6.5. Examples of Radix-64 52
6.6. Example of an ASCII Armored Message 53
7. Cleartext signature framework 53
7.1. Dash-Escaped Text 54
8. Regular Expressions 54
9. Constants 55
9.1. Public Key Algorithms 55
9.2. Symmetric Key Algorithms 55
9.3. Compression Algorithms 56
9.4. Hash Algorithms 56
10. Packet Composition 56
10.1. Transferable Public Keys 56
10.2. OpenPGP Messages 58
10.3. Detached Signatures 58
11. Enhanced Key Formats 59
11.1. Key Structures 59
11.2. Key IDs and Fingerprints 60
12. Notes on Algorithms 61
12.1. Symmetric Algorithm Preferences 61
12.2. Other Algorithm Preferences 61
12.2.1. Compression Preferences 62
12.2.2. Hash Algorithm Preferences 62
12.3. Plaintext 62
12.4. RSA 63
12.5. Elgamal 63
12.6. DSA 64
12.7. Reserved Algorithm Numbers 64
12.8. OpenPGP CFB mode 64
13. Security Considerations 65
14. Implementation Nits 67
15. Authors and Working Group Chair 69
16. References 70
17. Full Copyright Statement 72
1. Introduction
This document provides information on the message-exchange packet
formats used by OpenPGP to provide encryption, decryption, signing,
and key management functions. It is a revision of RFC2440, "OpenPGP
Message Format", which itself replaces RFC 1991, "PGP Message
Exchange Formats."
1.1. Terms
* OpenPGP - This is a definition for security software that uses
PGP 5.x as a basis, formalized in RFC 2440 and this document.
* PGP - Pretty Good Privacy. PGP is a family of software systems
developed by Philip R. Zimmermann on which OpenPGP is based.
* PGP 2.6.x - This version of PGP has many variants, hence the
term PGP 2.6.x. It used only RSA, MD5, and IDEA for its
cryptographic transforms. An informational RFC, RFC1991, was
written describing this version of PGP.
* PGP 5.x - This version of PGP was formerly known as "PGP 3" in
the community and also in the predecessor of this document,
RFC1991. It has new formats and corrects a number of problems in
the PGP 2.6.x design. It is referred to here as PGP 5.x because
that software was the first release of the "PGP 3" code base.
* GPG - GNU Privacy Guard, also called GnuPG. GPG is an OpenPGP