order, using as few octets as possible. The value 0 has length zero.
.TP
.B "struct"
-A sequence of subkeys is stored. Each subkey consists of a single
-octet giving the length of the subkey's label; the label itself in
-ASCII, zero-octet padding to make the subkey start at a multiple of four
-octets, and then the encoding of the subkey. There is no terminator:
-the outer length field indicates when to stop reading subkeys.
+A sequence of subkeys is stored; the sequence is sorted by
+lexicographical order of the subkeys' labels. Each subkey consists of a
+single octet giving the length of the subkey's label; the label itself
+in ASCII, zero-octet padding to make the subkey start at a multiple of
+four octets, and then the encoding of the subkey. There is no
+terminator: the outer length field indicates when to stop reading
+subkeys.
.TP
.B "string"
The string is stored as-is, with no terminator.
.B "encrypt"
The key data is encoded as binary and encrypted as described above. The
resulting ciphertext is stored as is.
+.SS "Fingerprints"
+The fingerprint is computed by hashing the binary representation of (the
+selected parts of) a key's data followed by the key type preceded by a
+single length octet, and the key's attributes, in lexicographic order of
+the attribute name. Each attribute consists of the attribute's name
+preceded by a single length octet, followed by the value preceded by a
+two-octet length. The lengths do not include themselves; neither string
+has a terminator character; there is no padding.
.SH AUTHOR
Mark Wooding, <mdw@nsict.org>
projects / u / mdw / catacomb / blobdiff