On Tue, 18 May 1999, Werner Koch wrote:
hal(_at_)rain(_dot_)org writes:
unused public key algorithm, so that no implementations will attempt
to verify the signature. I used zero, but we could use 100 if that
So what about this small change:
5.2.3. Version 4 Signature Packet Format
The body of a version 4 Signature Packet contains:
- One-octet version number (4).
- One-octet signature type.
Would this even apply?
| - One-octet public key algorithm or a value of zero to indicate
| that no multi-precision integers follow.
The PGP signature consists of the MPIs, therefore if there are no MPIs,
there is no signature...
- One-octet hash algorithm.
Why is anything hashed if the result (except for 2 bytes) has no where to
go? So should this even be here?
- Two-octet scalar octet count for following hashed subpacket
data. Note that this is the length in octets of all of the hashed
subpackets; a pointer incremented by this number will skip over
the hashed subpackets.
- Hashed subpacket data. (zero or more subpackets)
If we can't do anything with the result, why have anything here? (Also is
it really zero since I think there are some MUST subpackets). Shouldn't
all this be in the unhashed area if it isn't being hashed, much less
signed?
- Two-octet scalar octet count for following unhashed subpacket
data. Note that this is the length in octets of all of the
unhashed subpackets; a pointer incremented by this number will
skip over the unhashed subpackets.
- Unhashed subpacket data. (zero or more subpackets)
- Two-octet field holding left 16 bits of signed hash value.
| - Zero or more multi-precision integers comprising the signature.
| This portion is algorithm specific, as described above.
Then this is not a signature, so why put it in the signature packet?
Anything without a PGP digital signature belongs in a literal packet, or
perhapse elsewhere. Hashed but unsigned anything is still being discussed
- i.e. what form the MDC stuff will take.