ietf-openpgp

Re: [ISSUE] Signing things that aren't obvious how to hash

2004-03-31 18:13:28

On Wed, Mar 31, 2004 at 01:09:33PM -0800, Hal Finney wrote:

> David Shaw writes:
> > Section 5.2.4 says:
> >
> >     The signature data is simple to compute for document signatures
> >     (types 0x00 and 0x01), for which the document itself is the data.
> >
> > How about:
> >
> >     The signature data is simple to compute for document signatures
> >     (types 0x00 and 0x01), for which the document itself is the data.
> >     When the document is not represented as a Literal Message, the
> >     entire OpenPGP Message is the data.  See section 10.2 for the
> >     formal definition of Literal and OpenPGP messages.
>
> One comment, after helping many people over the years implement OpenPGP
> compliant code, I suggest we take out any claims in the document that
> any part of it is "simple".

Good point. ;)

The original "problem" here is that the grammar defines a particular
packet arrangement that the draft doesn't explain how to generate:

  Signature Packet, OpenPGP Message

and

  One-Pass Signature Packet, OpenPGP Message, Corresponding Signature
  Packet

The draft only specifies how to handle these cases where the "OpenPGP
Message" in question is really a "Literal Message".

I was suggesting to fix it by defining how to hash the OpenPGP
Message.  Rather than do that, though, why not just change the grammar
to explicitly say Literal Message?

No new functionality, less complexity.  Less is more.

David
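
The arrangements discussed in this message can be checked mechanically. The following is an added example, not part of the original post or of any OpenPGP implementation: a recursive-descent check over a sequence of packet tags that accepts the message grammar and reports whether any signature wraps something other than a Literal Message. The function names and the sample tag sequences are constructed for illustration; tag numbers are the standard OpenPGP packet tags, and the productions are assumed to match the grammar in section 10.2.

```python
# Standard OpenPGP packet tags (only those the message grammar uses).
PKESK, SIG, SKESK, ONEPASS, COMPRESSED, SYM_ENC, LITERAL, SEIPD = 1, 2, 3, 4, 8, 9, 11, 18

def parse_message(tags, i=0):
    """Parse one OpenPGP Message starting at tags[i].

    Returns (kind, next_index, undefined_hash). undefined_hash is True when a
    signature wraps anything other than a Literal Message, the case for which
    the thread says the draft does not define the data to hash. Under this
    strict reading a signature over another signed message is flagged too.
    Compressed packets are treated as opaque (no decompression here).
    """
    if i >= len(tags):
        raise ValueError("unexpected end of packet sequence")
    t = tags[i]
    if t == LITERAL:
        return "literal", i + 1, False
    if t == COMPRESSED:
        return "compressed", i + 1, False
    if t in (PKESK, SKESK, SYM_ENC, SEIPD):
        while i < len(tags) and tags[i] in (PKESK, SKESK):  # ESK Sequence
            i += 1
        if i >= len(tags) or tags[i] not in (SYM_ENC, SEIPD):
            raise ValueError("ESK sequence without encrypted data")
        return "encrypted", i + 1, False
    if t == SIG:        # Signature Packet, OpenPGP Message
        inner, j, bad = parse_message(tags, i + 1)
        return "signed", j, bad or inner != "literal"
    if t == ONEPASS:    # One-Pass Signature, OpenPGP Message, Signature
        inner, j, bad = parse_message(tags, i + 1)
        if j >= len(tags) or tags[j] != SIG:
            raise ValueError("one-pass signature without corresponding signature")
        return "signed", j + 1, bad or inner != "literal"
    raise ValueError(f"tag {t} cannot start an OpenPGP Message")

def check(tags):
    """Return (kind, undefined_hash) for a complete packet sequence."""
    kind, end, undefined = parse_message(tags)
    if end != len(tags):
        raise ValueError("trailing packets after message")
    return kind, undefined

if __name__ == "__main__":
    # Constructed tag sequences, not taken from real messages.
    for seq in ([SIG, LITERAL], [ONEPASS, LITERAL, SIG],
                [SIG, COMPRESSED], [ONEPASS, PKESK, SEIPD, SIG]):
        print(seq, check(seq))
```
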

