[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Outstanding question - rule on cleartext signing last line

To: "Daniel A. Nagy" <nagydani@xxxxxxxxxxxxxxxx>
Subject: Re: Outstanding question - rule on cleartext signing last line
From: Ben Laurie <ben@xxxxxxxxxxxxx>
Date: Mon, 26 Dec 2005 17:03:59 +0000
Cc: OpenPGP <ietf-openpgp@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <> <> <> <> <> <> <>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Thunderbird 1.5 (Windows/20051201)

Daniel A. Nagy wrote:
> On Mon, Dec 26, 2005 at 12:29:15PM +0000, Ben Laurie wrote:
>> David Shaw wrote:
>>> On Thu, Dec 08, 2005 at 01:23:01PM +0100, Werner Koch wrote:
>>>> On Thu, 08 Dec 2005 11:43:48 +0000, Ian G said:
>>>>
>>>>> But I think we need to hear from the PGP Inc and GPG
>>>>> architects on this?
>>>> I recall that we tweaked gpg's behaviour in this regard until all
>>>> users were satisfied.  Thus I'd say not to add new requirement to the
>>>> specs.
>>> I agree.  I think the spec is just fine in this regard: the final CRLF
>>> (the one before the "-----BEGIN PGP SIGNATURE-----") is not part of
>>> the signature.  That allows for the GPG behavior to preserve the
>>> presence or lack of line ending on the last line.
>> However, it doesn't. This strikes me as a bug both in GPG and in the spec.
> 
> Yes it does. GPG behaves slightly differently with messages entered from the
> console, but that makes a lot of sense, too. I don't see any bugs in either
> the specs and GPG. I have coded up my own OpenPGP implementation based on
> the spec (http://pgp.epointsystem.org/tool) and it interoperates perfectly
> with GPG.

I have just tested GPG yet again, and cleartext signatures of two files,
one without a newline at the end, and one with, look identical:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

test
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/
**  ApacheCon - Dec 10-14th - San Diego - http://apachecon.com/ **
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Follow-Ups:
- Re: Outstanding question - rule on cleartext signing last line
  - From: Daniel A. Nagy

References:
- [Fwd: [PGP-USERS] Word Wrap Problems with PGP 9.0.3]
  - From: Ian G
- Re: [Fwd: [PGP-USERS] Word Wrap Problems with PGP 9.0.3]
  - From: Daniel A. Nagy
- Outstanding question - rule on cleartext signing last line
  - From: Ian G
- Re: Outstanding question - rule on cleartext signing last line
  - From: Werner Koch
- Re: Outstanding question - rule on cleartext signing last line
  - From: David Shaw
- Re: Outstanding question - rule on cleartext signing last line
  - From: Ben Laurie
- Re: Outstanding question - rule on cleartext signing last line
  - From: Daniel A. Nagy

Prev by Date: Re: Outstanding question - rule on cleartext signing last line
Next by Date: Re: Outstanding question - rule on cleartext signing last line
Previous by thread: Re: Outstanding question - rule on cleartext signing last line
Next by thread: Re: Outstanding question - rule on cleartext signing last line
Index(es):
- Date
- Thread