ietf-openpgp
[Top] [All Lists]

Re: One-pass signatures

1998-07-25 21:42:46
On Sun, 26 Jul 1998, Andrew Bromage wrote:

G'day all.

dontspam-tzeruch(_at_)ceddec(_dot_)com wrote:

Interpretation 1 1{2,3{lit}3,2}1, i.e. sigs in reverse order of 1pass
headers is the proper one.  Someone check the syntax again.

The syntax doesn't say that.  As section 10.2 currently reads,
{1pass-1 1pass-2 {lit} sig-1 sig-2} is a valid sequence SYNTACTICALLY,
since the syntax doesn't say that the one-pass packet and trailing
signature packet correspond to the same signature.  The semantics (see
section 5.4) don't help, because they only say that the signature packet
corresponding to a one-pass packet should be "at the end of the message"
without saying where.

So what you are saying is that:


   One-Pass Signed Message :- One-Pass Signature Packet,
               OpenPGP Message, Signature Packet.

doesn't imply that the One-Pass Signature Packet which prefixes the
message MUST correspond to the Signature Packet which comes after the
message.

Would this be better:

   One-Pass Signed Message :- One-Pass Signature Packet,
               OpenPGP Message, Corresponding Signature Packet.


(Thanks for the C example, I didn't realize that was a valid construct).

--- reply to tzeruch - at - ceddec - dot - com ---