Signature listing does not show annotations
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
hockeypuck |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
RFC 4880 5.2.3.20. Policy URI (subpacket type 26).
That holds a URL which contains a policy statement about how the identity was verified or whatever else the signer deems relevant.
By way of example, my two signatures on this key have a very relevant policy statement which provides relevant information about the security of the key being signed:
http://
By contrast, SKS does list them, entitled "Policy URL":
http://
I have other signatures which don't have the .txt extension and no guarantees can be provided, it's just a link to more information.
Minimally, Hockeypuck should do the same as SKS, including linkifying the URL. To be fancy, there could also be a button which uses Javascript to tack a new iframe into the current page, rendering the URL's content in a viewing window, or somesuch, with whatever security constraints are needed to protect against malicious iframe targets.
Changed in hockeypuck: | |
milestone: | none → backlog |
status: | New → Confirmed |