ietf-openpgp
[Top] [All Lists]

Re: V5 signatures

1999-05-28 01:20:41
Jon Callas <jon(_at_)callas(_dot_)org> writes:

No, it's there for things like PGP ticket. If someone is building a
lightweight authorization scheme, it's conceivable that a signature would
need to be bigger than 8383 bytes. V4 signatures don't allow that.

How did you calculate this?

5.2.3.1 says somewhere:

       if the 1st octet = 255, then
           lengthOfLength = 5
           subpacket length = [four-octet scalar starting at 2nd_octet]

However, the octet count for the [un]hashed subpackets is limited to
65535.

Because this is a conflict we really should address it with a new v5
signature paket.  Changes to an implementaion are minimal.  And while
we are at it, we should consider to apply some rules to the name part
of notation data - so that we can have unique names.  Thomas Roessler
already mentioned this and proposed a SSH like scheme for this.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013


<Prev in Thread] Current Thread [Next in Thread>