ietf-openpgp
[Top] [All Lists]

Re: cleartext signatures - trailing white space - proposal

2004-03-11 18:41:47


> As no text has been proposed or was proposed from the floor the issue was
> punted back to the authors to propose some text.


The issue was more that consesnus hadn't been achieved,
and that text which was proposed was indicative only.

But here goes: it comes down to, as I see it, one of
two choices (full example at end):

    Also, any trailing whitespace (characters <= 0x20) at the
    end of any line is ignored when the cleartext signature is
    calculated.

OR:

    Also, any trailing whitespace (0x20, 0x09) at the
    end of any line is ignored when the cleartext signature is
    calculated.

Note 1.  I'd like "space" defined as a 0x20 to remove the possibility
of Unicode spaces.

Note 2.  Before it said (spaces, and tabs, 0x09) which is odd, as
tabs are 0x09, unless I have it crossed.  Where vertTabs (0x0B)
supposed to be in there?

Note 3.  I'm ambivalant on the choice.



Note 4.  And, to clarify Unicode, I suggest adding:

    No exception for Unicode whitespace is defined,
    and all Unicode characters SHOULD NOT be ignored.



iang

PS: while we're at it, it might be better if a new
section is added, 7.2, and the paras re-ordered as
below.  Just a thought...  I also took the liberty
of joining the "From " on one line, para 2, line 6.



7.1. Dash-Escaped Text

    The cleartext content of the message must also be dash-escaped.

    Dash escaped cleartext is the ordinary cleartext where every line
    starting with a dash '-' (0x2D) is prefixed by the sequence dash '-'
    (0x2D) and space ' ' (0x20). This prevents the parser from
    recognizing armor headers of the cleartext itself. An implementation
    MAY dash escape any line, SHOULD dash escape lines commencing
    "From " (note the space), and MUST dash escape any line commencing
    in a dash. The message digest is computed using the cleartext
    itself, not the dash escaped form.

    When reversing dash-escaping, an implementation MUST strip the
    string "- " if it occurs at the beginning of a line, and SHOULD warn
    on "-" and any character other than a space at the beginning of a
    line.

7.2. Canonical Line Endings

    As with binary signatures on text documents, a cleartext signature
    is calculated on the text using canonical <CR><LF> line endings.
    The line ending (i.e. the <CR><LF>) before the '-----BEGIN PGP
    SIGNATURE-----' line that terminates the signed text is not
    considered part of the signed text.

    Also, any trailing whitespace (characters <= 0x20) at the
    end of any line is ignored when the cleartext signature is
    calculated.  No exception for Unicode whitespace is defined,
    and all Unicode characters SHOULD NOT be ignored.

8. ...