[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Text canonicalization

To: ietf-openpgp@xxxxxxx
Subject: Re: Text canonicalization
From: David Shaw <dshaw@xxxxxxxxxx>
Date: Sun, 6 Jan 2002 11:00:53 -0500
In-reply-to: <OE241HQroJCIoo8oEoL00004973@xxxxxxxxxxx>; from vedaal@xxxxxxxxxxx on Fri, Dec 28, 2001 at 08:15:07AM -0500
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Mail-followup-to: ietf-openpgp@xxxxxxx
References: <200112051759.JAA27637@xxxxxxxxxx> <871yi8xnb1.fsf@xxxxxxxxxxxxxxxx> <> <20011227193337.F685@xxxxxxxxxx> <OE241HQroJCIoo8oEoL00004973@xxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Mutt/1.2.5i

On Fri, Dec 28, 2001 at 08:15:07AM -0500, vedaal wrote:

> > This sounds very good, but what about detached signatures?  A detached
> > signature doesn't carry the text with it, so wouldn't the the text
> > (presumably delivered via http or ftp, which can change line endings)
> > need to be re-canonicalized for signature verification?  To a certain
> > degree this applies to a clearsigned document as well.
> ...
> also applies somewhat to GnuPG signed and encrypted messages when signed
> with a v3 rsa key, and GnuPG armored signed messages with a v3 rsa key,
> PGP interprets it as a 'detached' signature,
> and 'searches' (unsuccessfully) for the file trying to verify it.
> {not the case with v4 rsa sigs, which seem to act differently}

This is a slightly different problem - GnuPG would never make a
non-clear or non-detached signature with v3 keys that PGP 6 or 7
liked.  I fixed this a few days ago, and it works properly now.

David

-- 
David Shaw          |  Technical Lead
<dshaw@xxxxxxxxxx>  |  Enterprise Content Delivery
617-250-3028        |  Akamai Technologies

References:
- Text canonicalization
  - From: hal
- Re: Text canonicalization
  - From: Werner Koch
- Re: Text canonicalization
  - From: Jon Callas
- Re: Text canonicalization
  - From: David Shaw
- Re: Text canonicalization
  - From: vedaal

Prev by Date: new patent app conflicts with pgp
Next by Date: ANNOUNCE: NDSS'02 Early Registration Deadlines Approaching
Previous by thread: Re: Text canonicalization
Next by thread: Re: Text canonicalization
Index(es):
- Date
- Thread