On Jul 26, 2009, at 9:40 PM, James P. Howard, II wrote:

I am trying to understand the differences in key types and looking at
encryption keys in particular.  RFC 4880 has this to say on the matter
of key flags:

      0x04 - This key may be used to encrypt communications.

      0x08 - This key may be used to encrypt storage.

So, my first question is why is there a distinction between the two
types of encryption?

Also, looking in GnuPG 1.4.9, I see this in g10/keygen.c:

   if (use & PUBKEY_USAGE_ENC)
       buf[0] |= 0x04 | 0x08;

Which suggests, quite strongly, that the distinction is irrelevant. Why
does GnuPG ignore the different encryption key types?

Because it is difficult (or nearly impossible) to determine the difference from the perspective of GnuPG. That is, I as a person know what I'm encrypting and what I plan on doing with it, but GnuPG just sees bits. As a general-purpose OpenPGP tool, GnuPG pretty much needs to treat both communications and storage as the same thing. Other tools for more specific environments may "know" what their usage is and can treat this differently.

This is expected behavior - the OpenPGP standard even mentions it:

   Note however, that it is a thorny issue to
   determine what is "communications" and what is "storage".  This
   decision is left wholly up to the implementation; the authors of this
   document do not claim any special wisdom on the issue and realize
   that accepted opinion may change.

David
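An added example, not code from GnuPG or from either poster, showing both sides of what the thread describes: a producer that mirrors the quoted keygen.c line (one encryption usage sets 0x04 and 0x08 together) and a consumer that accepts a key for encryption if either bit is present. The USAGE_* constants are stand-ins for GnuPG's PUBKEY_USAGE_* values, whose numeric values the thread does not show.

```c
#include <string.h>

/* Key Flags bits, first byte of the RFC 4880 Key Flags subpacket (5.2.3.21). */
#define KF_CERTIFY     0x01
#define KF_SIGN        0x02
#define KF_ENC_COMMS   0x04
#define KF_ENC_STORAGE 0x08
#define KF_SPLIT       0x10
#define KF_AUTH        0x20
#define KF_GROUP       0x80

/* Usage bits for this example only: stand-ins for GnuPG's PUBKEY_USAGE_* values. */
#define USAGE_SIG  1
#define USAGE_ENC  2
#define USAGE_CERT 4
#define USAGE_AUTH 8

/* Producer side, mirroring the quoted keygen.c line: one encryption
 * usage sets both 0x04 and 0x08, so the two flags are never issued apart. */
unsigned char key_flags_from_usage(unsigned int use)
{
    unsigned char b = 0;
    if (use & USAGE_CERT) b |= KF_CERTIFY;
    if (use & USAGE_SIG)  b |= KF_SIGN;
    if (use & USAGE_ENC)  b |= KF_ENC_COMMS | KF_ENC_STORAGE;
    if (use & USAGE_AUTH) b |= KF_AUTH;
    return b;
}

/* Consumer side: accept a key for encryption if either flag is present,
 * since the tool cannot tell "communications" from "storage" by itself. */
int key_may_encrypt(unsigned char flags)
{
    return (flags & (KF_ENC_COMMS | KF_ENC_STORAGE)) != 0;
}

/* Render a flags byte as a comma-separated list for logging/debugging. */
void describe_key_flags(unsigned char flags, char *out, size_t outlen)
{
    static const struct { unsigned char bit; const char *name; } tab[] = {
        {KF_CERTIFY, "certify"}, {KF_SIGN, "sign"}, {KF_ENC_COMMS, "enc-comms"},
        {KF_ENC_STORAGE, "enc-storage"}, {KF_SPLIT, "split"}, {KF_AUTH, "auth"},
        {KF_GROUP, "group"}};
    out[0] = '\0';
    for (size_t i = 0; i < sizeof tab / sizeof tab[0]; i++)
        if (flags & tab[i].bit) {
            if (out[0]) strncat(out, ",", outlen - strlen(out) - 1);
            strncat(out, tab[i].name, outlen - strlen(out) - 1);
        }
}
```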


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users