On Thu, 21 Dec 2000, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
On Thu, 21 Dec 2000, Ian Bell wrote:
* separator conventions use lines starting with multiple dashes. To
* improve interoperability in these cases, clients MAY omit the dash-
* escaping for lines that cannot be armor headers and that are not
* already dash-escaped. Lines beginning with dash-space (0x2D, 0x20),
I am not sure whether yoy are talking about an OpenPGP implementaion
or an MUA. We can't do that in the OpenPGP protocol.
The only thing we could do is to allow dash escaping in certain
situations like we do it for '^From '. But it may break other
applications and I don't know why it should make sense at all.
It makes sense from a MUA perspective because it increases
interoperability between MUAs in the real world. The problem can indeed
be ignored by open PGP implementations when they create clear-signed
text and can be dealt with by MUAs changing the dash-escaping before
posting in the way we have been asked to do.
However this pushes the problem on to the receiving openPGP
implementation. It is the receiving openPGP implementation that has to
parse the results of clear-signed messages with some dash-escaping
removed. They can either cope, or treat the message as an invalid clear-
signed message (as old versions of Turnpike used to do!). In the real
world, some users are changing the dash-escaping by hand and they have
found that PGP (NAI) copes well.
I feel that there should be at least a note to reflect what is being
done to the dash-escaping in order to make openPGP implementations
robust when they encounter such messages and hopefully to encourage them
to correctly verify signatures in such messages as PGP itself would do.
--
Ian Bell T U R N P I K E