I would really appreciate a bit of clarification with some of the
wording in 2440bis.
In section 6.2 ("Forming ASCII Armor"), the text says (and it's a
MUST) that there should be nothing after the second set of dashes in
the armor header line. That is: "-----BEGIN PGP SIGNED MESSAGE-----"
is okay, but "-----BEGIN PGP SIGNED MESSAGE----- " is not okay due to
the extra space on the end.
In section 7.1 ("Dash-Escaped text"), the text says that a signature
on a clearsigned message ignores trailing whitespace. I've read that
the intent behind that is to give some measure of robustness to the
message so it can get through mail systems that add or remove
whitespace at the end of lines.
Now here's the part I don't quite get - if it is okay to allow
trailing whitespace in the message contents, why is it not okay to
allow trailing whitespace after the armor header?
If the intent behind ignoring trailing whitespace was to help with
mail corruption, the fact that the message data allows trailing
whitespace doesn't really help since the armor headers surrounding the
message data would also become invalid with any added trailing
whitespace.
I do understand the armor header is not part of the message, and this
is likely just another example of "be conservative in what you
generate, liberal in what you accept". If I've misread this
somewhere, can someone please help clarify?
Thanks!
David
--
David Shaw | Technical Lead
<dshaw(_at_)akamai(_dot_)com> | Enterprise Content Delivery
617-250-3028 | Akamai Technologies