Martin T wrote: > Hi, > > thanks for the reply! > >>> I think "method" in the example above is just indicating that this is a PGP >>> key. > > Exactly. However, how does RIPE server-side software detect that it's > a PGP key? Is this information(besides other information like key > creation date and UID) written into pubring.gpg file during the > creation of the public key? > Yes it's stored in the key packets. The format for all the packets is described in RFC 4880
You can see the data yourself by listing the packet data gpg --export 0xDECAFBAD | gpg --list-packets or gpg --export 0xDEADBEEF | pgpdump --list-packets accepts the -v option to increase verbosity. See the gpg man page > >>> No. The fingerprint is based on the key material only. You can >>> add/change UIDs without the fingerprint changing. > > Indeed. I revoked my current UID and changed it to another one and > both public and private key fingerprints remained the same. So the key > fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other > type of hash? SHA-1 for current V4 keys. Covered in RFC 4880 -- John P. Clizbe Inet: John (a) Gingerbear DAWT net SKS/Enigmail/PGP-EKP or: John ( @ ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users