ietf-openpgp

Re: Outstanding question - rule on cleartext signing last line

2005-12-28 00:35:26

I have some general opinions about this issue.

(1) I don't think the spec should change. The reason that I don't think it should change is that we're in last call. We want to tidy this thing up. Changes to the spec are most likely going to get something that is "right" but causes a decade of interoperability twists that we will "resolve" by declaring old versions to be bogus and the new behavior that no one does to be right. Then a half-dozen years from now, we'll go back to whatever it says now.

If you don't believe me, this is *exactly* what happened with the whole blank-trimming thing.

Now, then, I am not opposed to having a clarification in the spec. I'll merely allude to my standard comment that OpenPGP Formats is not a How To Write An OpenPGP Application which everyone's heard at least once. And yes, I know there's a big fat fuzzy grey line between clarifications and telling people how to code.

(2) I don't see how in the general case clearsigning can be a reversible operation. There are several reasons for this. We have a way to sign data reversibly. That is binary-mode signing. Binary-mode signing is not clearsigning. We also have a higher-level abstraction, text-mode signing. Text-mode signing is not, in the general case, reversible. The reason is that OpenPGP takes this abstract text object and then translates it into the native text format of the receiver's system. If one of us is on a unix box, and one of us is on Windows, then it's very difficult for us to talk about what the heck reversibility is. Ambiguities about text-mode are not new to OpenPGP. They date back at least as far as FTP, and they are a good thing, not a bad thing.

Clearsigning is an abstraction built on top of text mode that further abstracts the signature. Text-mode signing is not human-readable. It still involves packets. Clearsigning is human-readable and that's the whole point.

I believe that good human interaction is a better virtue than reversibility. Let me give an example.

Consider these three text files:

"a"     (the file containing the letter 'a')
"a\n"   (the file containing an 'a' and followed by a line-end)
"a\n\n" (the same, but with two line-ends)

If the first two look the same when clearsigned, this is not a bug, it's a feature. The point of clearsigning is that it be a pleasant experience for the user who wants to read the text, while making it so that a signature can be verified. I expect the third one to have one more blank line than the second one. I don't care how many more it has than the first one.

I'm on a unix system and if I 'more' each of the first two, they come out the same on my terminal. If I 'cat' them, they do not, and I believe that this is braindamaged, even if it is "right" and even after you explain to me in detail that it's "right." It may be right, but it's still braindamaged.

Whatever GnuPG, PGP, etc. are doing are okay. I see lots of clearsigned messages and nothing ever rubs my aesthetics the wrong way. The purpose of clearsigning is to make it easy to read by humans. Abstract properties like reversibility are secondary; if you want the thing to be reversible, then use a detached signature, for Pete's sake!

If there is some application out there that were to compress a zillion newlines into some reasonable number like one, two, or three in the output of a clearsigned message, then more power to them! There's nothing in OpenPGP that says you can't do that.

(3) I am firmly against any tweak to the spec, including commentary, that requires any implementation that's got versions past 1.0.1 to have to make a code or behavior change. It's far, far too late for that.

Whatever is out there is good enough. If we can make life easier for the likes of Ben and Rachel and other people who are making new systems, we should. But this should not burden any existing system one iota.

        Jon
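As an added illustration, not part of Jon's post: the two rules that make the first two files verify identically (trailing whitespace stripped from each line, and the line ending just before the signature armor left out of the hash) modelled in Python, together with the human-readable framing a reader sees. The canonicalization assumed is that of the OpenPGP cleartext signature framework (RFC 4880 section 7.1); the function names are chosen here and the signature block itself is not produced.

```python
import hashlib

ARMOR_HEADER = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG_HEADER = "-----BEGIN PGP SIGNATURE-----"


def canonical_signed_text(text: str) -> bytes:
    """Bytes actually hashed for a cleartext signature over `text`.

    Assumed rules (RFC 4880 section 7.1 cleartext framework):
      * trailing spaces and tabs on every line are stripped,
      * line endings are canonicalised to <CR><LF>,
      * the line ending right before the signature armor is not hashed,
        so one final newline in the file is not part of the digest.
    """
    text = text.replace("\r\n", "\n")
    lines = text.split("\n")
    # A file ending in "\n" splits into a trailing empty string; that is the
    # line ending before the armor and is not part of the signed text.
    if lines[-1] == "":
        lines.pop()
    return b"\r\n".join(ln.rstrip(" \t").encode() for ln in lines)


def signed_digest(text: str) -> str:
    """Hex SHA-256 over the canonical signed text (what the signature covers)."""
    return hashlib.sha256(canonical_signed_text(text)).hexdigest()


def clearsign_framing(text: str) -> str:
    """The readable body between the armor lines, as a human sees it.

    Lines starting with '-' are dash-escaped with a '- ' prefix so the armor
    delimiters stay unambiguous; trailing whitespace is dropped as in the hash.
    """
    text = text.replace("\r\n", "\n")
    if not text.endswith("\n"):
        text += "\n"  # the armor line must start on a line of its own
    body = ""
    for ln in text.split("\n")[:-1]:
        ln = ln.rstrip(" \t")
        body += ("- " + ln if ln.startswith("-") else ln) + "\n"
    return f"{ARMOR_HEADER}\nHash: SHA256\n\n{body}{SIG_HEADER}\n"


if __name__ == "__main__":
    # Jon's three files: "a" and "a\n" sign and display the same;
    # "a\n\n" carries exactly one more blank line and a different digest.
    for sample in ("a", "a\n", "a\n\n"):
        print(repr(sample), signed_digest(sample)[:16], clearsign_framing(sample).count("\n"))
```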