ietf-openpgp
[Top] [All Lists]

Re: Signature types

2005-08-27 08:34:27

On Sat, Aug 27, 2005 at 10:25:07AM +0100, Ian G wrote:

Daniel A. Nagy wrote:
... [some stuff]

On that section, but not on Daniel's question, it occurs to
me that the caveat found half way down ("Please note that
the vagueness...") could be usefully expanded to cover all
of 5.2.1.

What the claim of the signature is can be indeed very vague, but what kind
of objects are hashed to verify the signature should be unambiguous in the
standard.

I still maintain that there is a very legitimate need for a timestamp
signature on any kind of data that has no meaning beyond the timestamp.

A signature on a signature is also useful (for different purposes), but it
cannot have the same signature type as the above signature, because the
objects that they sign are different.

Using 0x40 (and possibly 0x41) for the first purpose and 0x50 for the second
seems logical and in line with RFC2440.

-- 
Daniel


<Prev in Thread] Current Thread [Next in Thread>