On Thu, 26 Mar 1998, Hal Finney wrote:
tzeruch(_at_)ceddec(_dot_)com writes:
We may want to add a note to the One-Pass Signed Message grammar in
10.2 to clarify that the end signature must be by the same key as the
one-pass packet. That will insure that they can be paired up properly.
That is what is needed. It isn't clear that the real sig relates to the
prefix.
There are other parsing rules, but most are of the form
prefix(message)
so conventional signatures would be
sigp(message)
and nested sig packets would always parse as
sigp(sigp(sigp(message)))
The grammar is a bit confusing for the 1pass since it is like a C
do{}while(); construct, i.e.
1ps(message)sigp
so parsing such messages should be unambiguous.
The very inside must be a conventionally encrypted, compressed or literal
packet. ESKs and Signatures act as structure starts (like while(){}), and
1 pass signatures like structure pre-and-posts (like do{}while()).
--- reply to tzeruch - at - ceddec - dot - com ---