-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"David Shaw" <dshaw(_at_)jabberwocky(_dot_)com> writes:
It's not just signing the COMPRESSED packet. Using Derek's
interpretation, you can also do possibly useful things as
sign-encrypt-sign or encrypt-sign-encrypt a message and have the
parser handle it automatically.
...
I suppose the user could create
LITERAL(SIGN(ENCRYPT(SIGN(LITERAL(x))))) or
LITERAL(ENCRYPT(SIGN(ENCRYPT(LITERAL(x))))) and sign that, but we're
getting complex again since the parser shouldn't be looking inside a
*literal* packet for more OpenPGP data to parse.
I'd use COMPRESSED (with no compression) here instead, which
generally are parsed for other packets. But, I agree that this
looks messy for SES or ESE applications.
I can live with the special case. (The fact that the new
implementation conformed to Derek's rule provides further persuasion.)
I agree, but on the subject of the SIG+LITERAL (or SIG+OPENPGPOBJECT)
format, I'd actually like to see it deprecated (in the "understand
this, but please don't generate it" sense). The ONEPASS signature
method is far superior, and we can at least start the slow process of
getting all implementations to use it.
I concur.
The ONEPASS method can also easily handle such constructions as
ONEPASS+OBJECT+OBJECT+OBJECT+SIG, which SIG+OBJECT cannot.
Only for non-signature OBJECTs.
I'd rather not complicate the rules any further to allow this
construction. (It is not permitted now.)
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQA/AwUBPyqmjuc3iHYL8FknEQJq/gCcD7g29C4DxhPxYL2T8R1wRyrH/w0AnAl9
I9Pmkrp6sXv4nq8gU0XstLVX
=D06R
-----END PGP SIGNATURE-----