-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I think it really depends on what the signature-in-a-subpacket is
> being used for. For the back-signature, it probably doesn't need
> any subpackets. At the same time, it doesn't hurt to include them.
> Does it matter very much?
Yes, I was referring specifically to subkey cross-signatures.
Including subpackets, particularly issuerId, is just wasteful
in this situation. (They're pretty wasteful on binding signatures,
too; one might argue that they could help correct a shuffled
packet sequence, but that's a stretch.) I'd like to see
recommendations for each flavor of signature that reflect
real needs.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBP584Z+c3iHYL8FknEQIiPwCgm4A5qIQe4+rG/VEK8OLMy7Ee9FAAoNN9
4/c0+JUqyniYgrne5w8E/nTO
=KIIn
-----END PGP SIGNATURE-----