ietf-openpgp
[Top] [All Lists]

Re: Lack of clarity in dash-escaped?

2005-11-30 08:30:29

Daniel A. Nagy wrote:
On Wed, Nov 30, 2005 at 01:35:38PM +0000, Ben Laurie wrote:

Daniel A. Nagy wrote:

On Wed, Nov 30, 2005 at 10:40:40AM +0000, Ben Laurie wrote:

Does this mean they should not be included in the signature, or also
that they should be stripped from the dash-escaped text?

It doesn't matter.

Of course it matters!


No, it does not. Either way, the signature will verify. It is up to the
implementation to strip or not to strip empty line endings. It can even
change them (e.g. add a few spaces and tabs after some of the line endings).


I think what you mean is that the whitespace
should not be included in the calculation,
but it doesn't matter whether they are stripped
from the document itself.

Canonization is an idempotent operation. Documents that are the same after
canonization are considered identical as far as text signaures go.

(I've always seen it written as canonicalisation
or canonicalization.)  So the question is whether
we canonicalise the document or simply canonicalise
the signature processing.  I think the answer is
that it is open to the application.

For pure ascii text, a printed clearsigned document, if typed back in, should
verify. Unfortunately, with unicode this is no longer the case, as there is a
whole bunch of different letters that look exactly the same (e.g. "o" and
"о" -- the latin and cyrillic "o", repsectively). Actually, this is problem
for legal applications.

It is an issue, yes.  We discussed this a while
back and came to the conclusion that *only* ascii
whitespace was to be stripped/ignored, as the
alternate was too hard to define.  That's why
the specific characters to be stripped are in
the spec - to stop people looking for cyrillic
spaces or different sized spaces.

iang