ietf-openpgp
[Top] [All Lists]

Re: Outstanding question - rule on cleartext signing last line

2005-12-27 11:37:47

Hal Finney wrote:
I'd suggest that clearsigning is aimed more at applications which will
present the signed document to users as it was received "on the wire",
so that they can read it usefully even with the signature in place.
For that purpose the important thing is to know exactly how the signature
will be verified so that signers can create valid documents.  I think
we agree that the spec is adequate for this purpose.

For data interchange, you want to start with a document on one machine
and sign or encrypt it, send it to another machine and verify/decrypt,
getting back the same document.  For that purpose the binary formats
work well.

Not for text documents. It seems to me that it is a reasonable
expectation that if I clearsign a text document, I should be able to
recover the document from the clear signature. Currently that isn't
possible with certainty.

I do not see the harm in fixing this issue.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff