[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Multiple OpenPGP messages per file: legal or not?
Ian G wrote:
> Hmm.... Consider this delicious example of a signed file:
> What would it mean if there were *two* such sequences in the one file?
It would mean there were two signed messages in that file.
> Does the order matter? Is there any meaning to what comes before or
> after that data stream? Does the file creation date mean anything?
These questions are beyond the scope of OpenPGP.
Also, I might as well ask the same questions about two separate files
with messages in. For example, if I follow this URL
http://webfunds.org/ricardo/contracts/webfunds/, there appear to be four
such messages linked. Does the order matter? blah, blah...
> In that example the app benefits from OpenPGP's decision to concentrate
> on the byte-stream definition. The app then arranges matters locally to
> extract out the byte-stream and deal with it, knowing that it is dealing
> with one and only one chunk. In that case, the app certainly ignores
> any follow-on packets, and/or declares an error, and it certainly
> doesn't want OpenPGP telling it to expect an endless stream of them.
The app is, of course, free to say "I expect a single OpenPGP message
per file". That doesn't mean the spec can't permit multiple messages per
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff