[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Back-signatures proposal
-----BEGIN PGP SIGNED MESSAGE-----
> I think it really depends on what the signature-in-a-subpacket is
> being used for. For the back-signature, it probably doesn't need
> any subpackets. At the same time, it doesn't hurt to include them.
> Does it matter very much?
Yes, I was referring specifically to subkey cross-signatures.
Including subpackets, particularly issuerId, is just wasteful
in this situation. (They're pretty wasteful on binding signatures,
too; one might argue that they could help correct a shuffled
packet sequence, but that's a stretch.) I'd like to see
recommendations for each flavor of signature that reflect
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
-----END PGP SIGNATURE-----