Ian G wrote:
Hmm.... Consider this delicious example of a signed file:
http://webfunds.org/ricardo/contracts/webfunds/BeerVouchers.html
What would it mean if there were *two* such sequences in the one file?
It would mean there were two signed messages in that file.
Does the order matter? Is there any meaning to what comes before or
after that data stream? Does the file creation date mean anything?
These questions are beyond the scope of OpenPGP.
Also, I might as well ask the same questions about two separate files
with messages in. For example, if I follow this URL
http://webfunds.org/ricardo/contracts/webfunds/, there appear to be four
such messages linked. Does the order matter? blah, blah...
In that example the app benefits from OpenPGP's decision to concentrate
on the byte-stream definition. The app then arranges matters locally to
extract out the byte-stream and deal with it, knowing that it is dealing
with one and only one chunk. In that case, the app certainly ignores
any follow-on packets, and/or declares an error, and it certainly
doesn't want OpenPGP telling it to expect an endless stream of them.
The app is, of course, free to say "I expect a single OpenPGP message
per file". That doesn't mean the spec can't permit multiple messages per
file.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff