ietf-openpgp
[Top] [All Lists]

Re: 3rd-party Signatures in a One-Pass Signed Message

2003-10-28 15:44:00

On Tue, Oct 28, 2003 at 10:15:48PM +0000, poiboy(_at_)SAFe-mail(_dot_)net wrote:

Since a notarization of a [target] signature signs the target's
packet body (irrespective of hashed or unhashed portions), the
notarization-in-a-subpacket will (once settled) effectively sign
everything around itself and must be removed from the packet body
string before it can be verified (signatures-in-subpackets used for
subkey bindings don't have this feature because the subpacketed
signature did not target its own parent).

I had expected that a notarization would not include any of the
unhashed data from the original signature.  After all, that data is
not part of the original signature.  Looking at the problem with this
in mind, the notary signature doesn't have to be removed before
verification since (being located in the unhashed section of the
original signature), it isn't really there in the first place.

If this is correct and multiple notarizations of a given target body
do not happen sequentially using the same (evolving) target body
string, then verification will require figuring out the state of the
unhashed subpackets at the time the notarization in question was made
- a trial and error loop over each permutation.

Using the methodology above, multiple notarizations of a given target
body all have the same target body.

David

<Prev in Thread] Current Thread [Next in Thread>