Created QR Codes (markdown)

Dominik Schürmann 2017-02-05 12:34:04 +01:00
parent 3a1a208caf
commit 7cadf25d1f
1 changed files with 29 additions and 0 deletions

29
QR-Codes.md Normal file

@ -0,0 +1,29 @@
* ``android.intent.action.VIEW`` with URIs following the ``openpgp4fpr`` (OpenPGP version 4 fingerprint) schema.
* For example: ``openpgp4fpr:73EE2314F65FA92EC2390D3A718C070100012282``.
* Compatible with Monkeysphere's and Guardian Project's QR Codes
* Only full fingerprints are supported, not key IDs. After scanning OpenKeychain allows for certification of keys and this is only secure with full fingerprints.
## About `openpgp4fpr` (copied from https://github.com/effigies/openpgp4info)
In 2010, the [Monkeysphere](http://web.monkeysphere.info/) project
[introduced](http://permalink.gmane.org/gmane.comp.security.monkeysphere/592)
the `openpgp4fpr:<FINGERPRINT>` scheme for sharing OpenPGP key fingerprints,
where `<FINGERPRINT>` is the full 40 hex character fingerprint of a primary
key, and has since been adopted in vCards for sharing public keys.
Perhaps more significantly, several Android applications ([APG](
https://play.google.com/store/apps/details?id=org.thialfihar.android.apg
)/[OpenKeychain](
https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain),
and the Guardian Project's [GnuPG port](
https://play.google.com/store/apps/details?id=info.guardianproject.gpg)) now
accept this scheme as a means of quickly exchanging public keys via QR codes.
The Android "intents" interface paves the way for `openpgp4fpr` URIs to become
increasingly common. The purpose of the site was to provide a proof-of-concept
that demonstrates their applicability outside the realm of Android applications.
In early 2015, the [WHATWG](https://html.spec.whatwg.org/multipage/
"If you're wondering what cipher to enable: rsa_rc4_128_sha.") [accepted](
https://html5.org/r/8872) `openpgp4fpr:` as a [whitelisted scheme](
https://html.spec.whatwg.org/multipage/webappapis.html#whitelisted-scheme).