ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: ISSUE: misleading hash instructions

2005-10-11 12:40:58
from [Jon Callas] [Permanent Link] 


On 27 Aug 2005, at 6:59 AM, David Shaw wrote:



This one is really easy to fix.  In section 5.2.4 (Computing
Signatures), the paragraph ordering implies incorrect things about a
user ID certification signature (which hashes the public key plus user
ID packet).  The description of a user ID certification signature
refers to "the data above", which given the paragraph ordering, is how
to hash a signature for signing, and not a public key.

If we just switch the position of the paragraph beginning "When a
signature is made over a signature packet" with the paragraph
beginning "A certification signature (type 0x10 through 0x13)" the
problem goes away.



Fixed.

    Jon
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: ISSUE: misleading hash instructions, Jon Callas <=
Previous by Date:  Re: Cleartext Signatures, Ian G
Next by Date:  WGLC for draft-ietf-openpgp-openpgp-15 ends Oct 28 1700EDT, Derek Atkins
Previous by Thread:  Cleartext Signatures, Ben Laurie
Next by Thread:  WGLC for draft-ietf-openpgp-openpgp-15 ends Oct 28 1700EDT, Derek Atkins
Indexes:  [Date] [Thread] [Top] [All Lists]