ietf-openpgp
[Top] [All Lists]

Re: clearsigned sigs

1997-11-14 10:40:57
Hal Finney wrote:

Unfortunately the text mode signature is done slightly differently than
the cleartext signature.  The difference is that cleartext signatures
remove trailing whitespace on each line when calculating the hash.
I believe this was added because some mailers and gateways munged mail
which had trailing whitespace.  This is not a problem with signed/encrypted
messages since the cleartext is protected from munging.

Aha, I always wondered about this.  I had much the same problem with the
e$pam mailing lists (an ecommerce thing run by Bob Hettinga).  In this
case, there is leading spaces rather than trailing spaces, and the sigs
don't get picked up.  Worse, the spaces start at line 2, so we have one
space inserted in every line after the '-----BEGIN' so there is no
simple algorithm like "ignore the same spaces before the '-----BEGIN.' 
Generally, you would have to ignore all the spaces...

This is also not the first time that I have seen this munge feature
break PGP-style messages.  When we send SOX payments around the place,
we generally mail them.  The user knows to C&P them from the MUA to the
SOX agent.  However, the leading spaces tend to creep in from either the
original C&P or the extraction C&P.  This can be very difficult to track
down and rectify, and it is much more of a pain when you are dealing
with money.  A sig that doesn't work can be ignored, broken cash means
the loss of a customer.

So I would have thought that these packets, when in text-signed or ascii
armoured mode, should be readable with both leading or trailing
whitespace.  I don't know whether I'd make it a SHOULD, but a gentle MAY
would at least indicate to programmers of the potential problems.

Problem is of course, what happens when I send my signed balance sheet:

-----BEGIN MUNGE------
Credits       Debits
100
              100
-----BEGIN MUNGE SIG-----
I promise to pay the bearer the Credits minus the Debits...
-----END MUNGE SIG------

If the message you are signing has no trailing whitespace, you could convert
a signed-and-encrypted message into a clearsigned one by decrypting,
wrapping it in the appropriate headers, and appending the signature in
ascii armor form.  The sender could remove any trailing whitespace before
sending it to allow this to happen.

A gentle suggestion in the text then.  I suppose there will be some
software (Hollerith conversions?) that insists on blank padding, so it
should not be a SHOULD.

I am considering doing sign-and-encrypt by clearsigning and then
encrypting the clearsigned message.  This way you just decrypt and are
left with a nice clearsigned message, which you can then verify.

That should be there, yes.  One doesn't want to preserve the ascii
armouring, but one does want to preserve the sig, and (I would have
thought that) one should preserve the clear sig because it is visible,
and won't get lost.  This makes more sense when you are talking about
serious contracts, as people only want to see text and signatures.
-- 
iang                                      systemics.com

FP: 1189 4417 F202 5DBD  5DF3 4FCD 3685 FDDE on pgp.com

<Prev in Thread] Current Thread [Next in Thread>