ietf-openpgp
[Top] [All Lists]

Outstanding question - rule on cleartext signing last line

2005-12-08 04:57:07

Daniel A. Nagy wrote:
On Thu, Dec 08, 2005 at 09:52:52AM +0000, Ian G wrote:


(I never did see a resolution to that question?
What then was the rule on the last newline?)


In order for the cleartext signed message to verify, there is no need to add
another newline; the standard allows for text messages where the last line
is not terminated. GPG actually REMOVES the last newline, if the input comes
from the console, in order to allow for cleartext messages with an
unterminated last line. I like this feature a lot.

If terminating the last newline is not required, then one-pass signed and
clearsigned text messages can be converted back-and-forth without access to
the secret key (or any cryptography, for that matter). I think this feature
is worth preserving.

Thus, I propose not requiring the termination of the last line (and not
terminating it automagically).

So, what you are proposing is that when
an unterminated message is signed:

-----BEGIN SIGNED MESSAGE-----

this message was signed unterminated
-----BEGIN PGP SIGNATURE-----
b1ab1a
-----END PGP SIGNATURE-----

It recovers as "this message was signed unterminated"
as it went in?  And then this becomes:


-----BEGIN SIGNED MESSAGE-----

this message was already terminated

-----BEGIN PGP SIGNATURE-----
b1ab1a
-----END PGP SIGNATURE-----

which extracts as "this message was already terminated
" (i.e., preserving its one newline).



OK, I'd be happy with that.  As long as it is a solid
rule.

But I think we need to hear from the PGP Inc and GPG
architects on this?

iang