Thomas Roessler <roessler(_at_)does-not-exist(_dot_)org> writes:
[W] The signature on the example message is invalid.
Mhhhh. Do these signatures really have to verify? ,-)
I think the examples should be complete and instructive. Therefore,
the signatures should be valid.
[S] Neither OpenPGP nor OpenPGP/MIME specify the transfer format
of public key blocks, so this section doesn't make much
sense.
They don't sepcify the storage format, but section 10.1 of RFC 2440
describes transferable public keys.
Oh, I missed it. Thanks.
It could, however, be argued that the OpenPGP/MIME document should
be a bit more specific about what is expected in
applications/pgp-keys. Maybe like this?
A MIME body part of this content type contains ASCII-armored
Transferable Public Keys as defined in [1], section 10.1.
Perhaps you can refer to section 6.2 as well?
--
Florian Weimer
Florian(_dot_)Weimer(_at_)RUS(_dot_)Uni-Stuttgart(_dot_)DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898