Lutz Donnerhacke wrote:
3.1.1 MIME
RfC 2015 "MIME Security with Pretty Good Privacy (PGP)" [2] contains all
information necessary to strip or apply this layer. It may make use of the
Ascii Armor layer, but the octect stream may also encoded directly using
MIME itself.
3.1.2 Ascii Armor
Similar to MIME encoding, the process of ascii armor encodes an 8-bit binary
stream of data into printable characters. Every three subsequent octets are
mapped into four subsequent ASCII characters. Futhermore ascii armor
encoding also appends a special CRC to detect transmission errors. In order
to ease recognition of Ascii Armored messages, a special header and footer
is provided.
From RFC 2015:
PGP can generate either ASCII armor (described in [3]) or
8-bit binary output when encrypting data, generating a
digital signature, or extracting public key data. The ASCII
armor output is the REQUIRED method for data transfer. This
allows those users who do not have the means to interpret
the formats described in this document to be able extract
and use the PGP information in the message.
To me, this sounds reasonable.
3.1.3 Cleartext signature framework
Dash escaped cleartext is the ordinary cleartext where every
line starting with a dash '-' (US-ASCII 0x2D) is prepended by
the sequence dash '-' (US-ASCII 0x2D) and space ' ' (US-ASCII
0x20). This prevents the parser from recognising armor headers
of the cleartext itself. The message digest is computed using
the cleartext itself, not the dash escaped form. So it is
possible to seperate or join a signature from or to a cleartext
without resigning it.
PGP 2.6's clear text armor goes a little bit beyond RFC 1113
which defines the original dash escaped text: Lines beginning
with the five characters "From " are escaped as well.
tlr
--
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
1280/593238E1 · AE 24 38 88 1B 45 E4 C6 03 F5 15 6E 9C CA FD DB