ietf-openpgp

Re: Recommended 5.3 wording change

2000-07-20 22:22:07
The paragraph in section 5.3 (the one following the definition of the 
packet body) reads as follows:

"The data being signed is hashed, and then the signature data from the 
version number through the hashed sub-packet data (inclusive) is hashed. 
The..."

From my previous e-mails regarding signatures, it seems it should read 
something like:

"To produce a signature, the data to be signed has the signature data from 
the version number through to the hashed sub-packet data (inclusive) 
appended to it. This data is then hashed and the resulting hash value is 
signed. The..."

Is that right?

This is from 5.2.2 in the RFC.

Neither description is all that great, IMO.  "First this data is hashed,
then that data is hashed" may not make it clear that all the data is
feeding into one hash context.  And the language about appending to the
data may be taken literally by a naive implementer who thinks he has to
construct a buffer holding this data all appended together nicely before
feeding it to the hash function.

Furthermore the corresponding language in 5.2.3, which describes what is
hashed for V4 signature packets, is missing the description of the five
byte postscript, which is wrong.

I think it would be best in each case simply to refer to section 5.2.4,
Computing Signatures, which gives a more complete description of exactly
what is hashed.  You might want to look there and see if the language
is unclear.

Hal
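
The single-hash-context point in the message above, as an added example that is not part of the original message or of the RFC text: the document is fed to one hash context in pieces, followed by the V4 signature fields from the version number through the hashed subpacket data, and the result matches the literal "append, then hash" reading without ever building that buffer. The function names, the choice of SHA-256 (hash algorithm id 8) and all sample values are assumptions made for the example; the trailer that section 5.2.4 describes is treated as opaque bytes supplied by the caller.

```python
import hashlib
import struct

def hashed_signature_prefix(sig_type, pubkey_alg, hash_alg, hashed_subpackets):
    """V4 signature fields from the version number through the hashed
    subpacket data (inclusive), in packet order."""
    if len(hashed_subpackets) > 0xFFFF:
        raise ValueError("hashed subpacket area does not fit a two-octet count")
    return (bytes([4, sig_type, pubkey_alg, hash_alg])
            + struct.pack(">H", len(hashed_subpackets))
            + hashed_subpackets)

def signature_digest(data_chunks, sig_prefix, trailer=b""):
    """Feed everything into ONE hash context, piece by piece.
    The document can arrive as a stream; nothing is concatenated."""
    ctx = hashlib.sha256()
    for chunk in data_chunks:
        ctx.update(chunk)
    ctx.update(sig_prefix)
    ctx.update(trailer)   # opaque here; see section 5.2.4 (caller supplies it)
    return ctx.digest()

def buffered_digest(data, sig_prefix, trailer=b""):
    """The literal 'append, then hash' reading: same digest, but the whole
    document must be held in memory."""
    return hashlib.sha256(data + sig_prefix + trailer).digest()

def split(data, size):
    """Yield data in fixed-size pieces, as a file or socket read would."""
    for i in range(0, len(data), size):
        yield data[i:i + size]

# Constructed sample values, not taken from the thread.
DOCUMENT = b"constructed sample document\n" * 100
CREATION_TIME = bytes([5, 2]) + struct.pack(">I", 964131727)  # subpacket type 2
PREFIX = hashed_signature_prefix(0x00, 1, 8, CREATION_TIME)   # binary sig, RSA, SHA-256

if __name__ == "__main__":
    streamed = signature_digest(split(DOCUMENT, 64), PREFIX)
    print(streamed.hex())
    print(streamed == buffered_digest(DOCUMENT, PREFIX))
```
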
