I had expected to find that the key identifier is qualified by the encryption scheme of the key. That is, instead of
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
we have
<trust type='omemo'>
6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4
</trust>
And then a section explaining how to derive the key identifier for the given 'type'.
Not having the key-identifier format clearly specified appears to be a security risk: Imagine someone sending a distrust message and the recipient does not understand the key identifier because it uses a slightly different way to derive it.
One further minor remark: I do not like that the semantic of trust/distrust and the key identifier is convoluted. I personally would have designed an extra element for key identifiers.
<key-identifier type='omemo'>
<fingerprint>
6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4
</fingerprint>
</key-identifier>
which then gets wrapped into <trust/> or <distrust/> elements.
The separate <key-identifier/> element allows it to be re-used in various
places, which, I believe, makes the verification of the element more robust.
- Florian
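
One way a receiving client could process the typed <key-identifier/> element proposed in this message, so that a distrust it cannot interpret is reported instead of silently dropped. This is an added example, not part of the original message or of any XEP; the <decisions> wrapper, the missing namespaces, the 64-hex-digit canonical form for 'omemo' and the 'example-scheme' type are assumptions.

```python
import re
import xml.etree.ElementTree as ET

HEX64 = re.compile(r"[0-9a-f]{64}")

def _omemo(text):
    # Assumed canonical form: 64 lowercase hex digits; case and whitespace are presentation.
    fp = re.sub(r"\s+", "", text).lower()
    if not HEX64.fullmatch(fp):
        raise ValueError("malformed omemo fingerprint")
    return fp

NORMALIZERS = {"omemo": _omemo}  # one derivation rule per 'type' value

def parse_key_identifier(elem):
    """Return (type, canonical fingerprint) or raise ValueError."""
    if elem is None:
        raise ValueError("missing <key-identifier/>")
    kind = elem.get("type")
    if kind not in NORMALIZERS:
        raise ValueError(f"unsupported key identifier type: {kind!r}")
    fp = elem.find("fingerprint")
    if fp is None:
        raise ValueError("missing <fingerprint/>")
    return kind, NORMALIZERS[kind](fp.text or "")

def apply_decisions(xml_text, trusted):
    """Apply <trust/> and <distrust/> wrappers to the set `trusted`.
    Returns the decisions that could not be interpreted, for the caller to surface."""
    unresolved = []
    for decision in ET.fromstring(xml_text):
        try:
            if decision.tag not in ("trust", "distrust"):
                raise ValueError("unexpected element")
            key = parse_key_identifier(decision.find("key-identifier"))
        except ValueError as err:
            unresolved.append((decision.tag, str(err)))
            continue
        (trusted.add if decision.tag == "trust" else trusted.discard)(key)
    return unresolved

# Constructed sample: a trust, a distrust of the same key in another spelling,
# and a distrust whose type this client does not implement.
FP = "6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4"
SAMPLE = f"""<decisions>
  <trust><key-identifier type='omemo'><fingerprint>{FP}</fingerprint></key-identifier></trust>
  <distrust><key-identifier type='omemo'><fingerprint>
    {FP.upper()}
  </fingerprint></key-identifier></distrust>
  <distrust><key-identifier type='example-scheme'><fingerprint>abcd</fingerprint></key-identifier></distrust>
</decisions>"""
```

A plain string comparison would miss the second decision because the fingerprint differs in case and whitespace; the third ends up in the returned list so the client can warn the user that a distrust was received but not applied.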
