On Fri, Mar 07, 2003 at 09:41:02PM -0500, Jeroen C. van Gelderen wrote:
On Friday, Mar 7, 2003, at 20:40 US/Eastern, David Shaw wrote:
On Fri, Mar 07, 2003 at 02:27:57PM -0500, Michael Young wrote:
- > ... A sentence saying something like "Any
- > other line MAY be dash-escaped as well at the discretion of the
- > sender" would be very helpful here.
-
- Sounds good, but as David points out, this may break existing
receivers.
- See if yours can verify this. (PGP6.5.3 silently accepts it.
- GnuPG1.2.1 emits warnings on each line; it cannot verify this
- signature, but if I remove the blank input line above, it can.)
The point is that future receivers will know that such a thing is
possible. They still don't have to support it - it's a MAY.
Erm, not the way I read it. A compliant implementation MAY generate
arbitrary dash escapes at the sender's discretion. A compliant receiver
MUST thus be able to handle this as it is a valid OpenPGP message. You
can't expect the sender to perform a capability check with the receiver
before sending the message.
Sorry, my error. You are completely right.
It's hard to support something before it has been documented ;)
That definitely is true. But OpenPGP kinda documents the pre-existing
PGP. And it seems that the GnuPG people did test their implementation
against PGP which prompted allowing arbitrary escapes, albeit with a
warning.
Exactly. There happens to be a minor detail of the GnuPG code so that
blank lines that are escaped are not accepted (i.e. a line with only
"- "), but that is easily remedied.
David