ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: OP and pgp5.0i: some problems

1997-12-03 11:47:07
from [Hal Finney] [Permanent Link] 
On Wed, 3 Dec 1997, Maksim Otstavnov, <maksim(_at_)volga(_dot_)net>, wrote:

1.1

"Charset" header needs defining. Values defined in 2.6.xi need 
enlisting. A mechanism for charsets registration, or embracing 
charsets otherwise registered needs defining.


I don't know much about the charset stuff.  Does it just affect how
the signature is calculated, or does it actually affect how the data
is decoded out of a literal packet?


5.0(i) for Windows works with  the three exact types 
of object: (1) files, (2) clipboard text, and (3) data provided 
by an MUA plugin through API. Right?

I cannot test mode (3) now, but the first two (files, with "Text
output" on and "Sign clipboard text" from PGPtray) both produce
a clearsigned 8-bit text which is  in some sence "correct"


There are really two questions the signature software needs to know.
Is the input to be clearsigned vs binary signed, and should the output
be in text form.  In 5.0 these were combined into one checkbox, but
logically there is another possibility, a binary signed file which is
ascii armored for output.


2.2 Problems with clearsigning

There are still problems however.

(1) 8-bit clearsigning is not described anywhere (I presume). I 
strongly believe it needs defining at least as "SHOULD" in 
OP.


How does this differ from the clearsigning description in the draft?


(2) "charset" setting is somewhat misleading. For instance, when I
sign a 8-bit text content of Windows clipboard, it is usually
meaningful in Windows native coding (the so called Windows-cpXXXX, is
it described anywhere?), "windows-cp1251" for Russian. But I have
"charset" header in sig armor set in "noconv". PGP 2.6.3i (on all
platforms) and most other programs interprete "noconv" as equivalent
to a native codepage of the receiving system. (In particular, "KOI8-R"
extended charset as Russian standard for open systems).


I don't understand charsets so I can't comment on this.


(3) If sending MUA is to perform any other (not cryptographic)
8-bit-to-8-bit or 8-bit-to-7-bit transmutation of a msg, the MUA must
first do this transmutation, then sign the message, and a receiving
MUA must first check signature, then perform any other transmutations.
Right? 


I hope not.  Can't we just leave the messages alone?  Trying to translate
an 8-bit Cyrillic document into 7-bit printable US-ASCII sounds like a
nightmare.

Sorry can't be more help, this is not an area I know much about.

Hal Finney
hal(_at_)pgp(_dot_)com
hal(_at_)rain(_dot_)org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Comments on current draft, Hal Finney
Next by Date:  Re: new algorithm identifier of the symmetric cryptosystem., stewarts
Previous by Thread:  OP and pgp5.0i: some problems, Maksim Otstavnov
Next by Thread:  Re: OP and pgp5.0i: some problems, Maksim Otstavnov
Indexes:  [Date] [Thread] [Top] [All Lists]