Martin T wrote: > Hi, > > thanks for the reply! > >>> I think "method" in the example above is just indicating that this is a PGP >>> key. > > Exactly. However, how does RIPE server-side software detect that it's > a PGP key? Is this information(besides other information like key > creation date and UID) written into pubring.gpg file during the > creation of the public key? > Yes it's stored in the key packets. The format for all the packets is described in RFC 4880
You can see the data yourself by listing the packet data
gpg --export 0xDECAFBAD | gpg --list-packets
or
gpg --export 0xDEADBEEF | pgpdump
--list-packets accepts the -v option to increase verbosity. See the gpg man page
>
>>> No. The fingerprint is based on the key material only. You can
>>> add/change UIDs without the fingerprint changing.
>
> Indeed. I revoked my current UID and changed it to another one and
> both public and private key fingerprints remained the same. So the key
> fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other
> type of hash?
SHA-1 for current V4 keys. Covered in RFC 4880
--
John P. Clizbe Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or
mailto:pgp-public-k...@gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
