This XMPP extension protocol specifies a profile of Pubsub Signing to use OpenPGP for signature.
Signing an item with OpenPGP requires to have OpenPGP for XMPP (XEP-0373)XEP-0373: OpenPGP for XMPP <https://xmpp.org/extensions/xep-0373.html>. implemented to handle keys, however this specification uses its own <sign/> element because it uses wrapper element from Pubsub Signing XEP, and signed data MUST NOT be included with the signature.
To sign an element, a client process as explained in XEP-0XXX § Signing a Pubsub Item where the "signing profile" element used is a <sign/> element qualified by the 'urn:xmpp:pubsub-signing:openpgp:0' namespace. This element MUST contain a Base64 encoded (RFC 4648RFC 4648: The Base16, Base32, and Base64 Data Encodings <http://tools.ietf.org/html/rfc4648>. § 4) OpenPGP message as specified in RFC 4880RFC 4880: OpenPGP Message Format <http://tools.ietf.org/html/rfc4880>. which MUST contain a detached signature as defined in RFC 4880RFC 4880: OpenPGP Message Format <http://tools.ietf.org/html/rfc4880>. § 11.4 of the signed data as specified in XEP-0XXX § Signing a Pubsub Item.
If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pubsub-signing:openpgp:0" discovery feature in response to a Service Discovery (XEP-0030)XEP-0030: Service Discovery <https://xmpp.org/extensions/xep-0030.html>. information request:
]]>
...
...
]]>
Security considerations of OpenPGP for XMPP (XEP-0373)XEP-0373: OpenPGP for XMPP <https://xmpp.org/extensions/xep-0373.html>. and XEP-0XXX apply.
TODO
TODO
TODO
Thanks to NLnet foundation/NGI0 Discovery for funding.