[Top] [All Lists]

Re: Signature targets and where they should be used

2003-04-16 12:41:47

Hash: SHA1

From: "David Shaw" <dshaw(_at_)jabberwocky(_dot_)com>
  Note that a notary signature SHOULD include a Signature Target
  subpacket to give easy identification.

I disagree this is necessary.  As I see it, the point of a signature

The SHOULD language suggests best practice, not strict requirement.
For notary signatures, that's still quite a stretch, though.

On the other hand, I'd love to see a SHOULD clause for revocations.
The Target subpacket eliminates an ambiguity -- without it, the
revocation could refer to any original signature for the same
key/uid.  (There is no such ambiguity for notary packets, as
the whole original signature is hashed.)  I think that unambiguous
identification is surely a best practice.

So, could you simply move the SHOULD clause from the notary
signature section to revocations :-?

In the case of notary signatures, there is no "C" to specify.  It is
merely signature A (the 0x50 signature), on data B (the signature to
be notarized).  There is no benefit in specifying B twice as the data
to be signed and then again as an additional subpacket.

I'd agree that the benefit is slight at best.  I suppose if
you had "B" and the material it covered (so that you could generate
B's hash), and you had a disorganized bunch of notary signatures,
then you could pick out the matching ones faster if they had
target subpackets.  This doesn't seem like a compelling scenario. :-)

Version: PGP Personal Privacy 6.5.3


<Prev in Thread] Current Thread [Next in Thread>