Skip to content

/ go

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto/openpgp: add support for Policy URI signature subpackets #43541

Closed
jandd opened this issue Jan 6, 2021 · 3 comments
Closed

x/crypto/openpgp: add support for Policy URI signature subpackets #43541

jandd opened this issue Jan 6, 2021 · 3 comments
Labels
NeedsDecision
Milestone
Unreleased

Comments

@jandd
Copy link

@jandd jandd commented Jan 6, 2021

What version of Go are you using (go version)?

$ go version
go version go1.15.6 linux/amd64

Does this issue reproduce with the latest release?

yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/jan/.cache/go-build"
GOENV="/home/jan/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/jan/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/jan/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go-1.15"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go-1.15/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build825281867=/tmp/go-build -gno-record-gcc-switches"

What did you do?

When signing an OpenPGP public key I would like to add a Policy URI (specified in RFC-4880 5.2.3.20.

What did you expect to see?

Some support for Policy URI in the golang.org/x/crypto/openpgp/packet Signature type.

What did you see instead?

No support for Policy URI.
@gopherbot gopherbot added this to the Unreleased milestone Jan 6, 2021
@gopherbot
Copy link

@gopherbot gopherbot commented Jan 6, 2021

Change https://golang.org/cl/281953 mentions this issue: openpgp/signature: support for Policy URI subpackets
@toothrot
Copy link
Contributor

@toothrot toothrot commented Jan 8, 2021

/cc @FiloSottile
@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Mar 29, 2021

Per the accepted #44226 proposal and due to lack of maintenance, the golang.org/x/crypto/openpgp package is now frozen and deprecated. No new changes will be accepted except for security fixes. The package will not be removed.

If this is a security issue, please email security@golang.org and we will assess it and provide a fix.

If you're looking for alternatives, consider the crypto/ed25519 package for simple signatures, golang.org/x/mod/sumdb/note for inline signatures, or filippo.io/age for encryption. You can read a summary of OpenPGP issues and alternatives here.

If you are required to interoperate with OpenPGP systems and need a maintained package, we suggest considering one of multiple community forks of golang.org/x/crypto/openpgp. We don't endorse any specific one.

Thank you!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsDecision
Projects
None yet
Milestone
Unreleased
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
@toothrot @jandd @FiloSottile @gopherbot