Hi! On Fri, 2025-09-12 at 08:59:10 +0200, Julian Andres Klode wrote: > On Wed, Aug 27, 2025 at 01:41:19PM +0200, Guillem Jover wrote: > > On Sat, 2025-04-19 at 21:02:47 +0200, Julian Andres Klode wrote: > > > So the .pgp extension is reserved for PGP messages, not keys. > > > > > > This needs to be resolved by the IETF WG, and the change in the > > > keyring package was premature. > > > > > > The only file extension for keys is .asc for armored ones. > > > > I think that to keep using .gpg is worse, because I don't think there's > > even a MIME type for .gpg? At least none that I could see in the > > /etc/mime.types anyway. For example file --mime-types returns the correct > > thing anyway. > > > > My take is that the MIME definition is not exhaustive, so I don't see a > > conflict if it's "missing types". And my perception is that MIME types > > get registered after demonstrated usage?
And to clarify, I think .pgp has pre-existing demonstrated usage, from even before GnuPG was around. > > Julian asked if file did application/pgp-keys for .pgp keys, and this > > was my reply: > > > > $ file --mime-type /usr/share/keyrings/debian-archive-trixie-automatic.pgp > > /usr/share/keyrings/debian-archive-trixie-automatic.pgp: > > application/pgp-keys > > > > It just checks the contents the same with a .gpg one for example: > > > > $ file --mime-type /usr/share/keyrings/debian-maintainers.gpg > > /usr/share/keyrings/debian-maintainers.gpg: application/pgp-keys > > > > So I don't see much of a problem here, and I think it would be best if we > > could move away from this naming pattern, as that entrenches GnuPG usage > > as a synonym for OpenPGP which seems rather unfortunate. > > > > And for example for the apt modernize stuff I think it would be great if > > it could check whether the current pathname referred is a symlink and > > then use that (or perhaps if the symlink target is named .pgp if you want > > to be more specific). > > > > Julian then replied that the code could be made to just look for a > > .pgp first. > > Now the uapi group standardized .openpgp as the file extension > for keys in the > > File Hierarchy for the Verification of OS Artifacts (VOA) > > specification, but also specifies they must be ASCII armored, > that is, they match our .asc extension. > > So this of course begs the question of whether to support .openpgp > as an extension, but also maybe we should prefer .asc - despite .asc > having higher overhead - since it's a nicer file format to work > with in practical applications. I don't find the .openpgp extension choice to be great. It is very long, it is going to be confusing alongside the pre-existing usage of .pgp for binary artifacts, and it ignores the existing usage of .asc. I could agree that «.asc» was not a great choice (given its potentially generic naming), but I think it's pretty ubiquitously recognized as OpenPGP ASCII Armor by now. I'd rather we do not make this even more confusing. :/ Thanks, Guillem
