I think proper implementation of an asset definition at issuance should be the hash of the contract in the OP_RETURN output. Somebody really creative could even store the contract with Namecoin and indexed by the hash of the contract. This is probably just a pipedream of mine though.
I don't know how this is all directly applicable to ChromaWallet given the drastic differences in implementation.
Yep, we can add it to ChromaWallet... epobc color kernel (which we use now) has no special meaning for OP_RETURN, so you can just a contract hash (or, really, anything) in there.
But I believe this should be a separate layer, and for now we focus on the core layer.
I doubt we'll have a lot of assets worth buying, so things like automatic discovery are largely unnecessary.
In any case, it is up to investor to perform due diligence, this cannot be automatized in the general case, and checking PGP signature is a small part of it.
Here's what I think is a normal way to issue shares via colored coins:
http://www.alefbit.com/investor/issue/The contract:
http://www.alefbit.com/pr/AlefBitIssuance.txt is PGP-signed by the issuer.
Of course, it is meaningful only if one believes that it was really signed by Ariel Horwitz, and that Ariel Horwitz is trustworthy.
Use of contract hashes and Namecoin doesn't really solve the main issue, issue of identity and trustworthiness check, so I don't think it's worth the effort atm.
But it was mentioned more than once, so there is something in it, I guess. Still, PGP integration could be orders of magnitude more useful.