The attached patch adds PKCS#7 certificate bundles and PkiPath certification paths to freedesktop.xml.
Created attachment 9874 [details] [review] Add PKCS#7, PkiPath bundles
Any progress here?
Sorry for taking so long... any example file for them?
Created attachment 20293 [details] PkiPath example Sure, here's the PkiPath one, tests/list entry: test.pkipath application/pkix-pkipath ox
Created attachment 20294 [details] P
Created attachment 20295 [details] PKCS#7 example PKCS#7 example, tests/list entry: test.p7b application/x-pkcs7-certificates ox
Comment on attachment 20294 [details] P (comment 5 is a duplicate of comment 6)
* freedesktop.org.xml.in: * tests/list: * tests/test.p7b: * tests/test.pkipath: Patch from Ville Skyttä <ville.skytta@iki.fi> to add PKCS#7 and PkiPath file types (Closes: #10864)
According to RFC 2311, shouldn't the mimetype application/x-pkcs7-certificates be called application/pkcs7-mime instead? This is what gcr-crypto-types.xml (installed by gnome-keyring on opensuse12.1) does, which conflicts a little bit with freedesktop.org.xml (one says application/x-pkcs7-certificates is a real mimetype, the other says it's an alias). OK if I apply this change? http://www.davidfaure.fr/2011/rename_pkcs7.diff
I think that would be incorrect. The two types are quite different; pkcs7-mime is signed/enveloped data, and x-pkcs7-certificates is bunch of certificates and/or keys.
OK. Then the gnome keyring xml file is wrong. I'll just fix the comment and add the missing glob patterns then? --- a/freedesktop.org.xml.in +++ b/freedesktop.org.xml.in @@ -263,11 +263,14 @@ command to generate the output files. <match type="string" value="-----BEGIN PGP SIGNATURE-----" offset="0"/> </magic> </mime-type> + <!-- defined in RFC 2311 --> <mime-type type="application/pkcs7-mime"> - <_comment>S/MIME file</_comment> - <acronym>S/MIME</acronym> - <expanded-acronym>Secure/Multipurpose Internet Mail Extensions</expanded-acronym> + <_comment>PKCS#7 Message and Certificates</_comment> + <acronym>PKCS</acronym> + <expanded-acronym>Public-Key Cryptography Standards</expanded-acronym> <generic-icon name="text-x-generic"/> + <glob pattern="*.p7c"/> + <glob pattern="*.p7m"/> </mime-type> <mime-type type="application/pkcs7-signature"> <_comment>detached S/MIME signature</_comment> Does this seem OK?
Adding the extensions certainly looks ok to me, but "PKCS#7 Message and Certificates" doesn't sound quite right to me - RFC 2311 states "This MIME type always carries a single PKCS #7 object". Maybe "PKCS#7 Object" or "PKCS#7 Message or Certificate"?
Thanks for the comment, changed to "or" and committed (I think this is more useful to the end user than a generic term like "Object"). Now the only problem left is that gcr-crypto-types.xml defines x-pkcs7-certificates as an alias for pkcs7-mime (i.e. it merges the two mimetypes, like my initial commit wanted to do), but I don't know what's the upstream bug tracker for that (seems to be related to gnome-keyring). Hmm, but wait, if pkcs7-mime is not about certificates, why did you suggest to leave "or certificate" in the description? :-) I'm confused about this stuff.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.