Updated QR Codes (markdown)

Dominik Schürmann 2017-02-05 12:44:21 +01:00
parent 9df8610530
commit d27522e67e
1 changed files with 8 additions and 24 deletions

@ -1,32 +1,16 @@
* ``android.intent.action.VIEW`` with URIs following the ``openpgp4fpr`` (OpenPGP version 4 fingerprint) schema.
* For example: ``openpgp4fpr:73EE2314F65FA92EC2390D3A718C070100012282``.
* Compatible with Monkeysphere's and Guardian Project's QR Codes
## QR Code format
* QR Codes contain an Uri with the ``openpgp4fpr`` scheme and the full fingerprint, such as ``OPENPGP4FPR:73EE2314F65FA92EC2390D3A718C070100012282``
* The Uri is fully uppercase to use the more efficient [alphanumeric encoding](https://en.wikipedia.org/wiki/QR_code#Encoding) that does not support lowercase letters.
* Only full fingerprints are supported, not key IDs. After scanning OpenKeychain allows for certification of keys and this is only secure with full fingerprints.
* OpenKeychain also supports opening ``openpgp4fpr`` Uris with full fingerprints via Android's ``android.intent.action.VIEW`` Intent
## About `openpgp4fpr` (copied from [effigies/openpgp4info](https://github.com/effigies/openpgp4info))
## About `openpgp4fpr` (copied from https://github.com/effigies/openpgp4info)
In 2010, the [Monkeysphere](http://web.monkeysphere.info/) project [introduced](http://permalink.gmane.org/gmane.comp.security.monkeysphere/592) the `openpgp4fpr:<FINGERPRINT>` scheme for sharing OpenPGP version 4 key fingerprints, where `<FINGERPRINT>` is the full 40 hex character fingerprint of a primary key, and has since been adopted in vCards for sharing public keys.
In 2010, the [Monkeysphere](http://web.monkeysphere.info/) project
[introduced](http://permalink.gmane.org/gmane.comp.security.monkeysphere/592)
the `openpgp4fpr:<FINGERPRINT>` scheme for sharing OpenPGP key fingerprints,
where `<FINGERPRINT>` is the full 40 hex character fingerprint of a primary
key, and has since been adopted in vCards for sharing public keys.
Perhaps more significantly, several Android applications ([APG](https://play.google.com/store/apps/details?id=org.thialfihar.android.apg)/[OpenKeychain](https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain), and the Guardian Project's [GnuPG port](https://play.google.com/store/apps/details?id=info.guardianproject.gpg)) now accept this scheme as a means of quickly exchanging public keys via QR codes. The Android "intents" interface paves the way for `openpgp4fpr` URIs to become increasingly common.
Perhaps more significantly, several Android applications ([APG](
https://play.google.com/store/apps/details?id=org.thialfihar.android.apg
)/[OpenKeychain](
https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain),
and the Guardian Project's [GnuPG port](
https://play.google.com/store/apps/details?id=info.guardianproject.gpg)) now
accept this scheme as a means of quickly exchanging public keys via QR codes.
The Android "intents" interface paves the way for `openpgp4fpr` URIs to become
increasingly common. The purpose of the site was to provide a proof-of-concept
that demonstrates their applicability outside the realm of Android applications.
In early 2015, the [WHATWG](https://html.spec.whatwg.org/multipage/
"If you're wondering what cipher to enable: rsa_rc4_128_sha.") [accepted](
https://html5.org/r/8872) `openpgp4fpr:` as a [whitelisted scheme](
https://html.spec.whatwg.org/multipage/webappapis.html#whitelisted-scheme).
In early 2015, the [WHATWG](https://html.spec.whatwg.org/multipage/) [accepted](https://html5.org/r/8872) `openpgp4fpr:` as a [whitelisted scheme](https://html.spec.whatwg.org/multipage/webappapis.html#whitelisted-scheme).
## Links