in rfc 2440 bis-18, section 6.2
ASCII Armor is described, as well as the different types of header
lines
in commandline versions of pgp and gnupg,
it is possible to just Armor a file,
not armor sign, or armor encrypt,
just armor
this is a useful way for including any file type as part of an
inline message, and then signing and encrypting the entire message,
thereby avoiding any attachments, and questions as to the safety
and authorship of the attachment,
but also not leaving one's signature on the file itself
this type of pgp 'output' is not described anywhere in rfc 2440
here are some examples
(using .txt for convenience, but any file type could be used):
[1] from pgp classic,
using the command: pgp -a filename
-----BEGIN PGP MESSAGE-----
Version: 2.6.3ia-multi06
comment: armored, unsigned, no time
owFbI5HElpimV1JRwgAEiUW5+UWpKQppmTmpAA==
=qOEV
-----END PGP MESSAGE-----
the same can be done from commandline 6.5.8
(have not tried the newest pgp commandline)
[2] from gnupg,
using the command: gpg --enarmor filename
-----BEGIN PGP ARMORED FILE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Use "gpg --dearmor" for unpacking
YXJtb3JlZCBmaWxl
=qvGS
-----END PGP ARMORED FILE-----
[3] from gnupg,
using the command: gpg -a --store filename
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: armored with timestamp included
owFbI53EqV+kn5imV1JR4nIuTC6xKDe/KDVFIS0zJxUA
=4HLX
-----END PGP MESSAGE-----
now,
each of these 3 examples fit the general description of
" - The ASCII Armored data "
listed in 6.2
under the paragraph: "Forming ASCII Armor"
the header "BEGIN PGP MESSAGE"
is described as "Used for signed, encrypted, or compressed files."
the above examples would technically fit under 'compressed files'
(even if compression is 0 )
one unusual feature in all three examples,
is that the line of armored message block is less than 64
characters.
is there a minimum length to a line of pgp armor?
(and if so,
should this type of armored file be padded to that minimum length?)
[really a 'nit', as it would occur only in extremely short files
such as a .txt of a few words, and would then just be quoted as
part of the inline message, and not armored anyway,
but am asking because am curious if there is a minimum line length
for pgp armor or not]
and should this type of message be listed anywhere in the rfc
as an open-pgp object?
(n.b.
some implementations, especially front-ends, have a little
difficulty dealing with this type of message,
as they expect either a signed or encrypted armored message,
so it might be helpful to alert implementors about this type,
and allow for simple de-armoring and saving the original file)
vedaal
Concerned about your privacy? Instantly send FREE secure email, no account
required
http://www.hushmail.com/send?l=480
Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485