Jon Callas <jon(_at_)callas(_dot_)org> writes:
No, it's there for things like PGP ticket. If someone is building a
lightweight authorization scheme, it's conceivable that a signature would
need to be bigger than 8383 bytes. V4 signatures don't allow that.
How did you calculate this?
5.2.3.1 says somewhere:
if the 1st octet = 255, then
lengthOfLength = 5
subpacket length = [four-octet scalar starting at 2nd_octet]
However, the octet count for the [un]hashed subpackets is limited to
65535.
Because this is a conflict we really should address it with a new v5
signature paket. Changes to an implementaion are minimal. And while
we are at it, we should consider to apply some rules to the name part
of notation data - so that we can have unique names. Thomas Roessler
already mentioned this and proposed a SSH like scheme for this.
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013