[Top] [All Lists]

Re: Whither comment packets?

2002-04-18 10:17:29

On 4/18/2002 9:44 AM, "David Shaw" <dshaw(_at_)jabberwocky(_dot_)com> wrote:

I understand that at some point in the past one of the OpenPGP drafts
had a "comment packet" defined.  It seems to have been dropped
somewhere along the way, and I was wondering if anyone recalled why?

Yes, it was seen to be a security problem. An evil implementation could leak
things (like your keys) there, or use it as a way to do key-size reduction.
The area directors were forceful and persuasive in their arguments.


<Prev in Thread] Current Thread [Next in Thread>