On Mon, 31 Aug 1998, Ulf [iso-8859-1] Möller wrote:
BTW, why do clear-signed messages have a "Hash:" header? The hash
algorithm is given in the signature packet.
So that you can start hashing as you process the message. When there was
only one hash, it didn't matter. Now you would need to do several hashes
if you wanted to process it as a filter so you would be ready when you
hit the signatures. Otherwise you need to know which hashes to use in
advance (the logic behind the one-pass signature header).
(Note that the spec might not be clear, but if two signatures are
appended, one with MD5 and one with SHA1, both must be specified in the
Hash: header. No Hash: header implies MD5, but any Hash: header implies
the list is complete).