On Wed, Mar 17, 2004 at 01:55:08PM -0500, Ian Grigg wrote:
David Shaw wrote:
[ i == no trimming whitespace for 0x01 sigs
ii == trimming whitespace for 0x01 sigs ]
I would be perfectly content with either solution, with perhaps a
slight leaning towards (i) due to a desire to not mess with user
supplied input unless we have to.
Right now, I'm inclined towards (i) myself as
a signing implementation could warn whether
there are trailing spaces, and a verifying
implemetation could try to trim spaces as
a fallback technique.
Okay, so here's a proposal. In section 5.2.1, the text currently
reads:
0x01: Signature of a canonical text document.
This means the signer owns it, created it, or certifies that it
has not been modified. The signature is calculated over the
text data with its line endings converted to <CR><LF> and
trailing spaces (0x020) and tabs (0x09) removed.
I suggest:
0x01: Signature of a canonical text document.
This means the signer owns it, created it, or certifies that it
has not been modified. The signature is calculated over the
text data with its line endings converted to <CR><LF>.
This is the same as before but trailing whitespace is not removed.
Note that I'm only talking about 0x01 signatures here. Cleartext
signatures, and the trimming therein, should be unchanged by this.
Rationale: there are good reasons to do whitespace trimming for
cleartext signatures (mail mangling, cut and paste mangling, etc).
These reasons do not apply to an 0x01 signature as it is not cleartext
- it is protected inside the binary or ascii armor shell. In general,
if we have no good reason to tamper with user supplied input, I think
we should keep hands off.
David