-----BEGIN PGP SIGNED MESSAGE-----
As this is so, what is the purpose of the checksum?
- From context, I gather you're talking about the ASCII armor checksum,
not the encrypted checksums inside key or session key packets?
The purpose is simply to reduce transmission accidents, which is the
point to armoring in general. As you observed, the (dearmored) PGP
packets are complete without it, and can be properly interpreted. An
OpenPGP implementation certainly *could* insist on it being complete.
Note that the armor checksum is done on the entire *encoded* message,
not the plaintext, so it does not deter malicious alterations. The
OpenPGP draft now includes a modification detection code to address
malicious alteration or truncation.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBOs+jOmNDnIII+QUHAQGRiQf+MojoFO08xGr57VDGLXXCxHELqOMzfhGy
PTmXfIT4JjVdd5q7ifEihXzcpzP+YNhyraDTqCvyBKH0jUZU9Tqjnb09IoMaOXd6
YOTM5HKXW6+C+MURcbQb3v5jzolnEKI4kc5whk9Zq331oFNSDbQlGcTRrD/LS4p0
NbqkxEVEsyAeDczUMv4BZuj5GjaIRX5BRY1zm3ycjoDeQgbdVOHAvfZPxx8XxDqZ
VrNRaBjISjTfDMvX11O3VO7W84ozdZYA6X0Je1aVdBhHDDL3Oa0XhSZESgKJWgA1
V7mGncQzwqJ29unLZTSvrpsE1+6r68Jjb9SVb9YCwlr71Iy0Y4Fr0Q==
=RO9X
-----END PGP SIGNATURE-----