SPKI Starting Point?
Taking the idea of SPKI as whois++/rfc822 a step further, here is a
bare-bones (unstuffed?) straw-man with the basic additional fields.
Sig-Algorithm: <name of algorithm being used, e.g. RSAwithMD5>
Sig-NotBefore: <Date>
Sig-NotAfter: <Date>
Sig-Signer: <URI identifying signing key>
Sig-Signature: <base64 encoding of the result of applying
                Sig-Algorithm to all fields in this template,
                with all multi-line values treated as if the
                value were encoded on a single line, and with
                all trailing white-space removed>
[Sig-Signer just identifies the key; if the URI is a URL, and that URL
resolves to a well formatted SPKI template containing a public key, that
key should be the one that was used to sign this template. Alternately,
there could be transformation rules used to automatically generate a URL
from the URI for both CRL and Key]
Additional attribute for templates carrying public keys:
Either
Public-Key: <type> ";" <base64 encoding of pkcs-1 encoding of key>
OR
RSA-PublicKey-Modulus: <base64 encoding of modulus>
RSA-PublicKey-Exponent: <base64 encoding of exponent>
OR
RSA-PublicKey-Modulus: text encoding of decimal val of modulus
RSA-PublicKey-Exponent: text encoding of decimal value of exponent
---
They say in online country So which side are you on boys
There is no middle way Which side are you on
You'll either be a Usenet man Which side are you on boys
Or a thug for the CDA Which side are you on?
National Union of Computer Operatives; Hackers, local 37 APL-CPIO
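
The canonicalization rule given for Sig-Signature above, worked through as an added example (not code from the original post). Assumptions: continuation lines start with white-space and are joined with a single space, Sig-Signature itself is left out of the signed data, and all sample values are constructed. The SHA-256 digest is only there to compare canonical forms; it is not the post's Sig-Algorithm.

```python
import hashlib

# Constructed sample template: field names come from the post, values are made up.
SAMPLE = (
    "Sig-Algorithm: RSAwithMD5   \n"          # trailing white-space on purpose
    "Sig-NotBefore: 1 Mar 1996\n"
    "Sig-NotAfter: 1 Mar 1997\n"
    "Sig-Signer: http://keys.example/signer\n"
    "RSA-PublicKey-Modulus: AAECAwQF\n"
    "    BgcICQoL  \n"                        # folded (multi-line) value
    "Sig-Signature: AAAA\n"
)

def parse_fields(text):
    """Return [(name, value)] with multi-line values unfolded onto one line."""
    fields = []
    for raw in text.splitlines():
        line = raw.rstrip()                   # remove trailing white-space
        if not line:
            continue
        if raw[0] in " \t":                   # continuation of the previous value
            if not fields:
                raise ValueError("continuation line before any field")
            name, value = fields[-1]
            # Assumption: folded pieces are joined with exactly one space.
            fields[-1] = (name, (value + " " + line.strip()).strip())
        else:
            name, sep, value = line.partition(":")
            if not sep or not name.strip():
                raise ValueError("not a 'Name: value' line: %r" % raw)
            fields.append((name.strip(), value.strip()))
    return fields

def signing_input(text):
    """Canonical bytes a signature would cover under the assumptions above."""
    # Assumption: the signature field cannot cover itself, so it is skipped.
    lines = ["%s: %s" % (n, v) for n, v in parse_fields(text)
             if n.lower() != "sig-signature"]
    return ("\n".join(lines) + "\n").encode("ascii")

def digest(text):
    """Stand-in digest for comparing canonical forms (not the post's algorithm)."""
    return hashlib.sha256(signing_input(text)).hexdigest()
```

A signer and a verifier have to agree on every one of these choices (join character, field order, which fields are covered), or the same template will fail to verify after a mail gateway refolds it.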