indefinite length, and to my mind, it's there to provide TLS-like function,
which is probably better done with TLS. :-)
I don't like them either, but they are there, and are perfectly valid to
And there are really applications for it: What about creating a tar
from a large filesystem , encrypt it, put it on tape or CD - Do you
really want to use a temporary file of such a size - only to put the
hash on the front? I started with GnuPG before I actually knew about
OpenPGP and invented an extension to the v3 format to allow encrypting
and signing of streams. There are indeed folks who encrypt large
amounts of data and they don't want to waste space for temporary files.
Conclusion: Partial length headers are absolutely needed.
And why wouldn't a MIC packet work, i.e. why do the 20 bytes have to be
tacked onto the end of the encryption stream without the virtual EOF and
one more packet?
And why not define that we put n bytes on the end of the encryption
stream and by some lucky coincident these bytes actually look like a
signature/MDC packet ;-)
Werner Koch at guug.de www.gnupg.org keyid 621CC013