ietf-openpgp
[Top] [All Lists]

Re: some requests

2001-02-09 11:32:16
Thomas Roessler <roessler(_at_)does-not-exist(_dot_)org> writes:

I suppose that your preferred solution would be to mandate
binary-mode signatures, so there is no need to give extra protection
to trailing whitespace.  However, specifying this would mean that
most current implementations don't conform to the spec, unless I'm
severely mistaken.  Florian?

IMHO, the best solution is to use a new signature type (i.e. signature
on a MIME part) in RFC 2440bis:

   0x41: Signature of a MIME part.
       This means the signer owns it, created it, or certifies that it
       has not been modified.  The signature is calculated over the
       text data with its line endings[1] converted to <CR><LF> and
       trailing blank characters on each line removed.  Trailing blank
       lines are also removed.

Otherwise, we have to deal with this kind of problems for years.

[1] See comment in the next article.

-- 
Florian Weimer                    
Florian(_dot_)Weimer(_at_)RUS(_dot_)Uni-Stuttgart(_dot_)DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

<Prev in Thread] Current Thread [Next in Thread>