On Friday 03 February 2006 17:43, Ian G wrote: > Ben Laurie wrote: > > This could be confusing - documents that were signed with a key > > specified like this could retroactively find themselves predating the > > key. > > Why is this important? The date on the key is > just "there" and isn't of such strength that it > should be stressed overly much. Consequently one would also need to scrap the logic that a signature is invalid if it predates the key (that's somewhere in RFC2440). Why not: hash the _complete_ public key packet _as_is_ without any modifications? The computational load of hashing a few bytes more and of slicing them first should be about identical. It is very easy to implement (read as: less potential security holes through programming mistakes and higher interoperability). It is much more resistant against upcoming attacks than a selective model. Konrad
Attachment:
pgp8fHwwwPeOw.pgp
Description: PGP signature