[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signature targets and where they should be used



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, May 27, 2003 at 07:57:35PM -0700, Jon Callas wrote:
> 
> On 4/16/03 2:38 PM, "David Shaw" <dshaw@xxxxxxxxxxxxxxx> wrote:
> 
> Is there a consensus on this?
> 
> Personally, I think that the SHOULD is good enough. If you want to do a
> blind notary, you have the perfect reason not to put the target packet
> there.
> 
> However, I included this text: "Note that we really do mean SHOULD. There
> are plausible uses for this (such a a blind notary that only sees the
> signature, not the key nor source document) that cannot include a target
> subpacket."

The gist of my original comment was that a signature target is
actually needed when issuing a certification revocation signature
(i.e. 0x30).  This is a signature (the 0x30 sig) on the hash of an
object (the pk+user ID) that actually refers to another signature (the
signature being revoked).  A signature target there is necessary to
know which signature is being revoked.

With notary signatures, on the other hand, it is clear which signature
is being signed.  The notary signature itself won't even verify if we
check it against the wrong signature.  Including a signature target
there is like making a signature (the 0x50) on the hash of an object
(the signature being notarized), that contains a second copy of the
signature being notarized in the signature target subpacket.  Why
SHOULD someone include it twice?

Saying nothing at all on the subject of signature targets and notary
signatures, or even making it a "MAY" just seems simpler.

All that said, I'm okay with the added clarification above. :)

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+1X0m4mZch0nhy8kRApH6AKDRPC7Y+o9p3O1d9kIYLFeJZp1/FgCghVdi
Cw/SrIx2YnPes9/1Vp2Csfs=
=KK5x
-----END PGP SIGNATURE-----