Thomas Roessler <roessler(_at_)does-not-exist(_dot_)org> writes:
The text/binary mode interop problem is related to trailing
whitespace. It is not related to the presence or absence 8bit
characters.
OpenPGP textmode signatures are not very well-defined. First of all,
OpenPGP requires text to be encoded in UTF-8, a requirement which is
hardly followed in practice. In addition, there are at least four
Unicode characters relating to line endings: U+000A, U+000D, U+0085
(NEXT LINE or NEL, somehow related to ISO 6429), U+2028 (LINE
SEPARATOR, native to the Unicode standard). Especially U+0085 could
be considered as a line terminator by some implementations which are
closely related to an EBCDIC environment (AFAIK, this control
character is used to represent a line-terminating EBCDIC control
character when using one of the bijective EBCDIC <-> ISO 8859 maps).
So 8-bit data signed by a text-mode signature should not include the
following octets: 0x0a, 0x0d, 0x85 (ISO 8859 represenation of NEL),
the octet sequence 0xc2 0x85 (UTF-8 representation of NEL), and the
octet sequence 0xe2 0x80 0xa8, which is the UTF-8 representation of
the LINE SEPERATOR character. This does not include any legacy ;-)
East-Asia encodings (which might be used instead of UTF-8 for encoding
the signed text), and overlong UTF-8 sequences (which are not
permitted in theory, but implementations might disagree).
Given these problems, I think it's not wise to assume that text-mode
signatures are binary-transparent in any way.
(USEFOR currently overrides the analogous requirement in RFC 2015.)
I hope you're joking.
No, I'm afraid. :-/
Could you please send the relevant sections from the latest usefor
draft to this list?
I think you've already found them. I've raised this issue as well on
the list, hopefully it is addressed properly.
--
Florian Weimer
Florian(_dot_)Weimer(_at_)RUS(_dot_)Uni-Stuttgart(_dot_)DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898