ietf-openpgp
[Top] [All Lists]

Re: PGP/MIME implementors: text mode vs. binary mode?

2001-04-14 23:36:14
On 2001-04-14 11:06:18 -0700, hal(_at_)finney(_dot_)org wrote:

First, my description above referred to the behavior of NAI's
commercial implementation of PGP on PGP/MIME messages.  RFC 2440
does not discuss PGP/MIME messages, so it would not be
appropriate to put such information into RFC 2440.

PGP/MIME makes use of the OpenPGP format.  

It says very clearly what's the signed material, and that an OpenPGP
signatur is generated.  This means, of course, that no changes
should be done to the signed material beyond what the OpenPGP spec
mandates.

In particular, PGP/MIME does NOT define any new hash methods, or new
canonification methods to be performed by the back-end. It just
refers the reader to the OpenPGP (or PGP) specification for all
these points.

Thus, Ulf's question remains valid: If you follow the old behaviour
in one of the more important fields of application anyway, why on
earth didn't you make sure RFC 2440 and your applications followed
this kind of behaviour in general?  After all, he had indeed warned
of the inconsistency introduced by RFC 2440.

But, anyway, the new spec resolves this by prohibiting trailing
whitespace, which brings other problems, but seems to be the only
compatible way out of this mess.

-- 
Thomas Roessler                     <roessler(_at_)does-not-exist(_dot_)org>