Remove default known notations #1600

Merged
merged 1 commit into from Feb 20, 2023

twiss
Member

@twiss twiss commented Feb 20, 2023

Since we don't interpret these notations, it is up to the caller to handle them, and thus also to decide whether they are "known". If they are marked as critical, and aren't handled by the caller, we should consider the signature unverified.

Though these notations don't seem super security-critical, it's not up to us to decide; the signer shouldn't mark them as critical if they don't want the signature to fail if we don't interpret them.

Cc @wiktor-k, let me know if you disagree, since you originally added this, but I think it was based on my suggestion, that I now think was mistaken :)

Since we don't interpret these notations, it is up to the caller
to handle them, and thus also to decide whether they are "known".
If they are marked as critical, and aren't handled by the caller,
we should consider the signature unverified.
@twiss twiss requested a review from larabr February 20, 2023 17:21
Collaborator

@larabr larabr left a comment

Maybe we can improve the explanation of the field since we are at it, e.g. clarify we're talking about signature validation. And that unsigned notations are ignored (idk if it's obvious)

Contributor

@wiktor-k wiktor-k left a comment

I'm ok with this change. I think I copied them from GnuPG's default list, but since OpenPGP.js is not an end-user app in itself, I think your change has merit 👍

@twiss
Member Author

twiss commented Feb 20, 2023

> Maybe we can improve the explanation of the field since we are at it, e.g. clarify we're talking about signature validation. And that unsigned notations are ignored (idk if it's obvious)

To be honest, since the only case where people are likely to need to use or look at this config value is when a signature fails to verify, I think it's somewhat obvious. Ofc we can always improve it but I'll leave it for another PR 😊

@twiss twiss merged commit 0ffcc49 into openpgpjs:main Feb 20, 2023
@twiss twiss deleted the remove-default-known-notations branch February 20, 2023 18:05
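
The rule discussed in this thread, as an added example that is not part of the pull request and is not OpenPGP.js code: it parses RFC 4880 notation data subpackets from the hashed area of a signature and reports critical notations the caller has not declared as handled, in which case the signature should be treated as unverified. All function names, the `knownNotations` parameter and the sample notations are assumptions made for illustration.

```javascript
// Added example (not OpenPGP.js code); all names here are hypothetical.
const NOTATION_DATA = 20; // subpacket type; bit 7 of the type octet = critical

// Split a subpacket area into { type, critical, body } entries.
function parseSubpackets(area) {
  const out = [];
  let i = 0;
  while (i < area.length) {
    let len = area[i++];
    if (len >= 192 && len < 255) {
      len = ((len - 192) << 8) + area[i++] + 192; // two-octet length
    } else if (len === 255) {
      len = ((area[i] << 24) | (area[i + 1] << 16) | (area[i + 2] << 8) | area[i + 3]) >>> 0;
      i += 4; // five-octet length
    }
    if (!(len >= 1 && i + len <= area.length)) throw new Error('truncated subpacket');
    out.push({ type: area[i] & 0x7f, critical: (area[i] & 0x80) !== 0, body: area.subarray(i + 1, i + len) });
    i += len;
  }
  return out;
}

// Notation body: 4 flag octets, 2-octet name length, 2-octet value length, name, value.
function notationName(body) {
  const nameLen = (body[4] << 8) | body[5];
  const valueLen = (body[6] << 8) | body[7];
  if (body.length < 8 || 8 + nameLen + valueLen !== body.length) throw new Error('bad notation');
  return new TextDecoder().decode(body.subarray(8, 8 + nameLen));
}

// Names of critical notations the caller has not declared as handled.
// Only the hashed (signed) area is read; unhashed subpackets are ignored.
function unknownCriticalNotations(hashedArea, knownNotations) {
  return parseSubpackets(hashedArea)
    .filter((s) => s.type === NOTATION_DATA && s.critical)
    .map((s) => notationName(s.body))
    .filter((name) => !knownNotations.includes(name));
}

// Constructed sample data: names and values are made up; one-octet length only.
function buildNotation(name, value, critical) {
  const n = new TextEncoder().encode(name);
  const v = new TextEncoder().encode(value);
  return Uint8Array.from([9 + n.length + v.length, NOTATION_DATA | (critical ? 0x80 : 0),
    0x80, 0, 0, 0, 0, n.length, 0, v.length, ...n, ...v]);
}
const sampleHashedArea = Uint8Array.from([
  ...buildNotation('policy@example.org', 'strict', true),
  ...buildNotation('note@example.org', 'hello', false)]);
```

With an empty known list the critical `policy@example.org` notation is reported; once the caller lists it as handled, nothing is reported, and the non-critical notation never blocks verification.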