Closed TJ-91 closed 1 year ago
No, I think it's required. Like this we're binding to both public keys in the exchange:
Right now in v4 we're putting the fingerprint, that is equivalent
Also for @falko-strenzke we need to bind the actual key used in the exchange, that is not the primary certification PK
Ok, we should keep it like it is then. Also it turned out not to be that hard to pass through the raw packet data after all.
Currently we have
1) Do we really need the sub-key packet here? The key material itself would be easier to implement as the raw packet is not usually passed through to the crypto operations. 2) Wouldn't
fixedInfo = algID
suffice or does hashing the public key here achieve stronger security?