ietf-openpgp

Re: Series of minor questions about OpenPGP 4

2009-01-30 10:43:36
On 01/29/2009 03:53 PM, David Shaw wrote:
> I suppose if you had an implementation that insisted on using the
> first signature, regardless of the date, then the revocations would
> force it to look at the last signature.. but then, an implementation
> that did that may have other odd semantics elsewhere.  It may conclude
> that there is no signature at all (after all, the one signature it was
> looking at is revoked).

This would be a particularly odd implementation because "the first
signature regardless of date" has no meaning in OpenPGP, iiuc.  There's
nothing stopping a re-ordering of signature packets, and a certificate
that looks like this:

 primary_key
  \-uid
    +--sigX
    \--sigY

is semantically equivalent to this:

 primary_key
  \-uid
    +--sigY
    \--sigX

And in fact, keyservers will often have to re-order signature packets if
they gather data from disparate sources.

        --dkg
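The point above (packet order carries no meaning; creation time and revocation decide which self-signature governs a User ID) as an added illustration. This is not code from the list or from any OpenPGP implementation; the packet model is a deliberately simplified assumption that keeps only signature type and creation time.

```python
from dataclasses import dataclass
from typing import Iterable, Optional

# Simplified model of the signature packets hanging off one User ID.
# Only the fields relevant to the ordering question are kept (assumption).
CERTIFICATION = 0x13      # positive certification, RFC 4880 section 5.2.1
CERT_REVOCATION = 0x30    # certification revocation signature


@dataclass(frozen=True)
class Sig:
    sig_type: int
    created: int          # signature creation time, seconds since epoch


def effective_sig(sigs: Iterable[Sig]) -> Optional[Sig]:
    """Return the self-signature that governs the uid, ignoring packet order.

    Only the creation time decides: the newest certification or revocation
    wins. A revocation newer than every certification revokes the uid; a
    certification newer than the revocation restores it. This is the
    "look at the last signature" semantics the thread describes.
    """
    relevant = [s for s in sigs if s.sig_type in (CERTIFICATION, CERT_REVOCATION)]
    return max(relevant, key=lambda s: s.created) if relevant else None


def uid_is_valid(sigs: Iterable[Sig]) -> bool:
    s = effective_sig(sigs)
    return s is not None and s.sig_type == CERTIFICATION


def first_packet_is_valid(sigs: list) -> bool:
    """The odd implementation from the thread: trust whichever packet
    happens to come first. Its answer changes with the packet order."""
    return bool(sigs) and sigs[0].sig_type == CERTIFICATION


def keyserver_merge(a: Iterable[Sig], b: Iterable[Sig]) -> list:
    """Union of signatures gathered from two sources; order is arbitrary,
    exactly the situation a keyserver is in when it merges disparate copies."""
    return list(set(a) | set(b))


# Constructed sample: certify, revoke, then re-certify the same uid.
SIG_X = Sig(CERTIFICATION, 1000)
SIG_Y = Sig(CERT_REVOCATION, 2000)
SIG_Z = Sig(CERTIFICATION, 3000)
ORDER_A = [SIG_X, SIG_Y, SIG_Z]   # one serialisation of the certificate
ORDER_B = [SIG_Y, SIG_Z, SIG_X]   # the same packets, re-ordered
```

Both orderings yield the same governing signature (SIG_Z, so the uid is valid), while the first-packet reading says "valid" for ORDER_A and "revoked" for ORDER_B.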
