ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ISSUE: misleading hash instructions

2005-08-27 06:59:53
from [David Shaw] [Permanent Link] 

This one is really easy to fix.  In section 5.2.4 (Computing
Signatures), the paragraph ordering implies incorrect things about a
user ID certification signature (which hashes the public key plus user
ID packet).  The description of a user ID certification signature
refers to "the data above", which given the paragraph ordering, is how
to hash a signature for signing, and not a public key.

If we just switch the position of the paragraph beginning "When a
signature is made over a signature packet" with the paragraph
beginning "A certification signature (type 0x10 through 0x13)" the
problem goes away.

David
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • ISSUE: misleading hash instructions, David Shaw <=
Previous by Date:  Re: Signature types, David Shaw
Next by Date:  Re: Signature types, Daniel A. Nagy
Previous by Thread:  Signature types, Daniel A. Nagy
Next by Thread:  Encrypt subject, Karl Kashofer
Indexes:  [Date] [Thread] [Top] [All Lists]