to all: what's the verdict?
The "verdict" is that there is a limit of 65535 on the length of each
of the hashed and unhashed segments. That's what the spec says, that's
what you do. Obviously this implies that each individual subpacket has
to be no larger than this. You can express the subpacket length using any
of the permitted encoding methods. There is no ambiguity that I can see.
The only "issue" was whether we might want to make a new signature version
in the future to hold larger subpackets, but the consensus seemed to be
that this would be a misuse of signature subpackets; such large amounts
of data should not be hidden within sigs, but should be expressed on
their own somewhere.
Hal