All values are represented by a sequence of newline-separated text fields. The type of any given value is determined by its context. Each type of value has a common prefix that includes an algorithm identifier, followed by a sequence of algorithm-dependent fields:

authinfo	::=	signer-public-key certificate !private-key big-alpha big-p


certificate	::=	sigalg hashalg signer-name exp-time *-sig


sigalg	::=	
rsa | 
dsa | 
elgamal


hashalg	::=	
sha1 | 
md5



*-key	::=	sigalg owner-name ...


rsa-public-key	::=	
rsa

owner-name

big-n big-ek


rsa-private-key	::=	
rsa

owner-name

big-n big-ek


		!big-dk  !big-p !big-q !big-kp !big-kq !big-c2


dsa-public-key	::=	
dsa

owner-name

big-p big-q big-alpha big-key


dsa-private-key	::=	
dsa

owner-name

big-p big-q big-alpha big-key !big-secret


rsa-sig	::=	big-val


dsa-sig	::=	big-r big-s


elgamal-sig	::=	big-r big-s

Each value labelled as `big-' is an unsigned multiple-precision integer from keyring-ipint(2), represented as a sequence of bytes with in big-endian order, as produced by IPint->iptobytes with an extra leading zero byte added if the top bit of the first byte is set, and then encoded in base-64 (as by encoding(2)). Each value labelled `-name' is utf (6) text not containing a newline; it is interpreted by an application and need not be a name. The expiry time exp-time is represented in decimal as seconds from the Epoch (1 January 1970 00:00 GMT); if it is zero, no expiry time is set. A label prefixed by `!' marks a value that should be considered secret.

The hash of a key is computed over its textual encoding according to the syntax above. A certificate's signature value is produced by digitally signing using sigalg the hash (using hashalg) of the concatenation of the value to be authenticated, the signer-name in utf(6), a single space, and the exp-time in decimal (with no leading zeroes). When checking a signature, comparisons are done with values in internal multiple-precision form (ie, as IPints), not in base-64 form.