At 5:47 PM -0700 6/18/1999, hal(_at_)finney(_dot_)org said:
Couldn't this be done though by simply defining a data packet format
as for any other protocol, then signing the data packet? I don't see
any inherent reason why all authenticated data must go in sig packets.
Sigs authenticate the data packets they sign, so anything in those data
packets is as strongly authenticated as the contents of the sig packets.
Sure. It can be done that way, too. The advantage of doing it in a
signature packet is that it is a self-describing object with a tag and a
length. It's useful.
Jon