Re: KeyId subpackets1998-07-23 10:33:34I had not noticed that the spec required the issuer keyid to be in the hashed area. PGP 5.X has always put it in the unhashed area. The theory is that this is advisory information to help the software find the key which issued the signature. In some applications it may not be necessary, such as for an embedded system which has hardwired keys. There is no security reason to put it in the hashed area. Can we change this in the draft or is it too late? Hal
|
|