[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Clarification needed on compressed messages
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, Jul 30, 2003 at 03:45:23PM -0400, Derek Atkins wrote:
> David Shaw <dshaw@xxxxxxxxxxxxxxx> writes:
> > Is this the intent? And if so, in a SIG+COMPRESSED(LITERAL) message,
> > is the SIG issued over COMPRESSED(LITERAL) or LITERAL ?
> I believe it is the intent, and in the SIG+(COMPRESSED(LITERAL) the
> SIG should be issued over the COMPRESSED(LITERAL). The only special
> case that I know of is SIG+LITERAL, where the SIG is over the data
> inside the literal and doesn't include the literal packet itself.
ONEPASS+LITERAL+SIG is another case.
> However, all other constructions should build the SIG over the
> underlying PGP message object.
This sounds very reasonable to me. I think a word or two to make that
clear in the draft would be helpful: something that indicates that
"bare" literal packets should have their contents hashed, but anything
else should be hashed whole.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc2 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
-----END PGP SIGNATURE-----