On 13/01/2025 22.53, Marvin W wrote:
You are referencing OX to base your PGP part on it, however OX requires the recipient to verify that the PGP key has a user id in the form "xmpp:<bare-jid>" (this is a MUST in XEP-0373 ยง 3.2).
We could certainly modify OX to soften this restriction. When OX was written, we did not really consider PGP messages originating from outside XMPP. But this sounds like a reasonable use-case.
Hence OX could simply state that recipients must verify the signature. And that only if the PGP message is supposed to originate from within XMPP it the user ID should contain the sender's XMPP address.
- Flow
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list -- [email protected] To unsubscribe send an email to [email protected]
