[Autocrypt] How to create the "raw key" part from an RSA key
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri May 19 12:11:00 EDT 2017
Hi Bjoern--
On Fri 2017-05-19 15:26:06 +0200, Bjoern wrote:
> So, i Delta Chat can create the two keypairs now.
yay!
> Can anyone please check if the key examples below meet the
> requirements of Autocrypt?
i just reviewed the public key -- i'll review the private key later :)
a few comments:
* your primary key is marked as encryption-capable (it has "sign" and
"encrypt-comms" flags). This is generally not a best practice.
primary keys should have "sign" and "certify" flags, but not
encryption-capable.
* the subkey should have "encrypt-comms" and "encrypt-storage" flags
(yours currently has "sign" and "encrypt-comms").
* your subkey binding signature contains preferred symmetric, hash, and
compression subpackets, as well as the features subpacket. Those are
usually only placed in the self-sig over the user ID, not in the
subkey binding packet.
* your ordering of preferred hash algorithms should be hardened -- it
looks like you prefer SHA1 before SHA384, SHA512, and SHA224. No one
should prefer SHA1 over anything from the SHA2 family.
* I was unable to validate your subkey binding signature! i was able
to validate the selfsig over the uid, though, so one of the sigs is
correct.
* (nitpick) why do you have this Version: header in the armor? modern
versions of GnuPG don't include any such header by default.
> For me, they look well, but I'm not familar with this stuff, others
> may see obvious errors (the armour is only for readability here, in
> the Autocrypt-header, it is left out)
fwiw, "armor" in OpenPGP land usually refers to the base64-encoding in
addition to the "-----BEGIN…" and "-----END…" lines and the headers. i
think you're using it to mean just the "-----" lines and headers, and
not the base64-encoding itself.
--dkg
More information about the Autocrypt
mailing list