[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: V5 signatures



"William H. Geiger III" <whgiii@openpgp.net>:

> IMNSHO it is brain dead to stuff data into signature packets. It is not
> where it belongs. PGP has a very nice and simple signature format: A hash
> of the data encrypted with the signer's public key. [...]

You mean "private key", obviously, but in any case that phrase should
be eliminated from discussions on digital signatures.  Signatures are
not about encrypting; it's just that in the scheme abstractly
described by Diffie and Hellman and made practically by Rivest, Shamir
and Adleman, signing and decryption are done in the same way.  This is
not true in general, and particularly not for ElGamal and DSA
signatures.