-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Apr 16, 2003 at 03:40:24PM -0400, Michael Young wrote:
From: "David Shaw" <dshaw(_at_)jabberwocky(_dot_)com>
In the case of notary signatures, there is no "C" to specify. It is
merely signature A (the 0x50 signature), on data B (the signature to
be notarized). There is no benefit in specifying B twice as the data
to be signed and then again as an additional subpacket.
I'd agree that the benefit is slight at best. I suppose if
you had "B" and the material it covered (so that you could generate
B's hash), and you had a disorganized bunch of notary signatures,
then you could pick out the matching ones faster if they had
target subpackets. This doesn't seem like a compelling scenario. :-)
There is actually another reason why using targets for notary
signatures is not really good: one of the nice features of notary
signatures is that the notarizer doesn't need the original signer's
public key or the material the original signature covered. All the
notarizer needs is the signature packet. Unfortunately, to use a
signature target in the notary signature, the notarizer needs the
original signer's public key to extract the hash from the original
signature packet...
I suppose we could solve that problem by defining a signature target
to be the canonical hash of the signature being targeted, but even
then there is still no good reason why using a target for notary
signatures needs to be a SHOULD.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc2 (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc
iD8DBQE+nc1c4mZch0nhy8kRAjTQAJ42SnhAoD42MFWJjin3KJXBxZrMDACeNDqK
hGj20/LjG6I8lBPGqigWOlA=
=a8B8
-----END PGP SIGNATURE-----