On Tue, Oct 28, 2003 at 04:56:18PM -0500, Michael Young wrote:
I like the general proposal, for all of the reasons that David
listed.
My only question is about the encoding of the cross-signature
subpacket contents. It could be anything from:
a full Signature packet (including packet header); to,
just the Signature packet contents; to,
a leaner form with just the required fields (hash algorithm
and signature MPIs), with the rest being assumed for the
hash computation in order to reuse that.
I could live with any of these, but I lean toward the middle one.
As do I, for reasons given below, as well as for reasons of
simplicity.
If we do use a regular Signature packet (with or without header),
then I'd like to see a recommendation on what subpackets it should
contain. The usual rules don't apply: for example, the issuer is
known. I don't see a *need* for any subpackets, even creation time
(but I'm open to arguments).
I think it really depends on what the signature-in-a-subpacket is
being used for. For the back-signature, it probably doesn't need any
subpackets. At the same time, it doesn't hurt to include them. Does
it matter very much?
I'd like to see the signature-in-a-subpacket used for other things
like notary signatures. For that usage, the issuer and timestamp is
relevant.
David