[Pkg-privacy-commits] [msva-perl] 310/356: update commentary about non-implemented OpenPGPCertificateEmbedded

[Ximin Luo]

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch debian
in repository msva-perl.

commit ebc3be8b98238af1ad1286356031c950c26eb349
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Wed Mar 23 15:30:50 2011 -0400

    update commentary about non-implemented OpenPGPCertificateEmbedded
---
 openpgp2x509 | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/openpgp2x509 b/openpgp2x509
index c131e5f..38d1ee4 100755
--- a/openpgp2x509
+++ b/openpgp2x509
@@ -82,10 +82,16 @@ my $algos = {
 # https://tools.ietf.org/html/rfc4880#section-11.1 , in "raw"
 # (non-ascii-armored) form.
 
-# this is the same as NullSignatureUseOpenPGP, but with the OpenPGP
-# material transported in-band in addition.
+# If it were implemented, it would be the same as
+# NullSignatureUseOpenPGP, but with the OpenPGP material transported
+# in-band in addition.
 
-# this has a few downsides:
+## NOTE: There is no implementation of the OpenPGPCertificateEmbedded,
+## and maybe there never will be.  Another approach would be to
+## transmitting OpenPGP signature packets in the TLS channel itself,
+## with an extension comparable to OCSP stapling.
+
+# the OpenPGPCertificateEmbedded concept has a few downsides:
 
 # 1) data duplication -- the X.509 Subject Public Key material is
 #    repeated (either in the primary key packet, or in one of the

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git