ietf-openpgp
[Top] [All Lists]

Relevant diffs between -04 and -05

1998-06-15 16:15:20
This is it. I edited out header/footer diffs, TOC diffs, and version number
change diffs.

        Jon

749c749
<    MUST be at least 512 octets long. Partial Body Lengths MAY NOT be
---
   MUST be at least 512 octets long. Partial Body Lengths MUST NOT be
1285,1287c1285,1287
<    uncompressed data is preferred; the key holder's software may not
<    have compression software. This is only found on a self-signature.
<
---
   uncompressed data is preferred; the key holder's software might have
   no compression software in that implementation. This is only found
   on a self-signature.
1934,1935c1934,1935
<    implementation uses more bits of compression, If an implementation
<    uses more bits of compression, PGP V2.6 cannot decompress it.
---
   implementation uses more bits of compression, PGP V2.6 cannot
   decompress it.
2199a2200,2208
     - "Hash", a comma-separated list of hash algorithms used in this
       message. This is used only in clear-signed messages.

     - "Charset", a description of the character set that the plantext
       is in. Please note that OpenPGP defines text to be in UTF-8, so
       this Armor Header Key is only useful for backwards
       compatibility. An implementation MAY implement it; an
       implementation MAY ignore it.

2361c2367
<      - Zero or more "Hash" Armor Headers,
---
     - One or more "Hash" Armor Headers,
2373,2375c2379,2382
<    SHA-1 is used. If more than one message digest is used in the
<    signature, the "Hash" armor header contains a comma-delimited list
<    of used message digests.
---
   MD5 is used, an implementation MAY omit them for V2.x compatibility.
   If more than one message digest is used in the signature, the "Hash"
   armor header contains a comma-delimited list of used message
   digests.
2877c2887
<    algorithm identifier 20.
---
   algorithm identifier 20 for an Elgamal public key that can sign.
2961a2976,2982
   Many security protocol designers think that it is a bad idea to use
   a single key for both privacy (encryption) and integrity
   (signatures). In fact, this was one of the motivating forces behind
   the V4 key format with separate signature and encryption keys. If
   you as an implementor promote dual-use keys, you should at least be
   aware of this controversy.

2973c2990,2991
<    could leak the secret key.
---
   could leak the secret key. These same considerations about the
   quality of the hash algorithm apply to Elgamal signatures.
3030,3031c3050,3052
<      * PGP 5.0 can read an RSA key in V4 format, but will only
<        recognize it using V3 format.
---
     * PGP 5.0 can read an RSA key in V4 format, but can only recognize
       it with a V3 keyid, and can properly use only a V3 format RSA
       key.
3041,3043d3061
<      * PGP 2.6.x and PGP 5.0 sometimes add to the beginning of a file a
<        zero-length compressed data packet.
<



<Prev in Thread] Current Thread [Next in Thread>