On Fri, May 21, 2004 at 11:22:17AM -0400, Hasnain Mujtaba wrote:
I understand that line endings need to be converted to CRLF. But
what about trailing whitespace? When canonicalizing the literal data
prior to encryption, do we have to strip off trailing whitespaces?
From the RFC, it seems that for signatures the canonicalization must
do both, i.e convert line endings and strip off trailing
whitespaces. But I am not sure if the same needs to be done for
encrypting text data.
It's a bit of a question. RFC-2440 says you must do both line ending
conversion and trailing whitespace removal. In practice, GnuPG does
this, and PGP does not (it only does line ending conversion).
For the upcoming 2440bis, there has been some discussion here what the
best thing to do is, but I don't think it is settled yet.
My opinion is that we should behave as PGP currently behaves, and only
do line ending conversion. Just so I'm clear, this is what I
advocate:
* For clearsigned text, do line ending conversion and remove trailing
whitespace.
* For 't' literal packets, do line ending conversion only.
David