-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Jul 30, 2003 at 03:45:23PM -0400, Derek Atkins wrote:
David Shaw <dshaw(_at_)jabberwocky(_dot_)com> writes:
Is this the intent? And if so, in a SIG+COMPRESSED(LITERAL) message,
is the SIG issued over COMPRESSED(LITERAL) or LITERAL ?
I believe it is the intent, and in the SIG+(COMPRESSED(LITERAL) the
SIG should be issued over the COMPRESSED(LITERAL). The only special
case that I know of is SIG+LITERAL, where the SIG is over the data
inside the literal and doesn't include the literal packet itself.
ONEPASS+LITERAL+SIG is another case.
However, all other constructions should build the SIG over the
underlying PGP message object.
This sounds very reasonable to me. I think a word or two to make that
clear in the draft would be helpful: something that indicates that
"bare" literal packets should have their contents hashed, but anything
else should be hashed whole.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc2 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iEYEARECAAYFAj8p3DUACgkQ4mZch0nhy8kypwCfYdiXIoUPIKW55TEhUKlyFVWc
YdMAoIQZtyNI8OoqXC0uI+PJ/7+7El++
=9IWM
-----END PGP SIGNATURE-----