On Mon, Dec 26, 2005 at 04:20:28PM +0000, Ian G wrote:
David Shaw wrote:
Can you give an example of why you feel this is a bug?
I think it is a bug if we decide that the
process of cleartext signing is reversable.
Can you please give an example of how the current system is not
reversible?
As far as I can see, the current system is quite reversible. For
example, given a document reading "this is a test" (no line ending,
and the last character in the file is the second t from test), here's
a clear signature:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
test <<----- There is a CRLF here, but it is NOT PART OF THE SIG
-----BEGIN PGP SIGNATURE-----
blah blah blah
-----END PGP SIGNATURE-----
Now given a document reading "this is a test<LINEENDING>", here's a
clear signature:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
test <<----- There is a CRLF here and it IS PART OF THE SIG
<<----- There is a CRLF here, but it is NOT PART OF THE SIG
-----BEGIN PGP SIGNATURE-----
blah blah blah
-----END PGP SIGNATURE-----
In what way is this not reversible?
So, if the process of verification creates
a file that is the pre-signed version, then
it has to decide whether the final CRLF has
to be preserved or stripped in the unsigned
output.
The final CRLF is not part of the document. If a user/implementation
wants a final CRLF in there that is part of the document, they need to
add one.
Think of the "BEGIN PGP SIGNATURE" string as actually being
"CRLF-----BEGIN PGP SIGNATURE". It's part of the message structure
and not part of the signed text.
David