On Fri, 8 Dec 2000, Marc Horowitz wrote:
3. Subpacket 23 (key server preferences) is specified to be "found
only on a self-signature". It should say if that means a direct
key signature (which makes the most sense to me), or something
As with many other subpackets there is no clear definition on what
to do and it is left to the implementor to decide this. From my
understanding it does make sense to handle such things this way:
* If it is on any direct key signature, use this one (or exactly
the one on the latest direct key signure.
* Otherwise take it from the latest self-signature.
(I have worked out some more rules and checked them with Hal.
Currently I can't access them - please ask me next week, if you are
interested)
4. The document is vague on what constitures "advisory information" in
a signature subpacket (section 5.2.3). I believe that unhashed
signature subpackets were a mistake (I can expound on this if
No, they make sense. It may happen that you need to store some meta
information about a signature which you have to calculate after
signature creation.
However, a big warning about unhashed stuff should be present.
5. There should be a note that the critical bit MUST be ignored on
unhashed signature subpackets. Otherwise, an attacker can easily
cause any signature to fail to verify.
Does not make sense. An attacker can make _any_ signature fail but
just flipping one bit.
Werner