Hi,

On Wed, 30 Dec 2015 at 14:01:46 +0100, Nils Durner wrote:
>> I wonder if chunked streams could make their way to RFC4880bis instead.
>> The verification mechanism (MDC or data signature) would be added to
>> each chunk using the intermediate hash value,
>
> I think this goes in the same direction that OAED or online
> authenticating cipher modes are being considered for - see the recording
> of the last IETF meeting at
> http://recs.conf.meetecho.com/Playout/watch.jsp?recording=IETF94_OPENPGP&chapter=chapter_1

Thanks for the pointer. I think however that this could be useful for
detached sigs, too. For instance assuming a remote tarball, a local
detached signature, and an OpenPGP implementation that would copy
*verified* data to the output File Descriptor, one could write

    ssh remote.example.org cat /path/to/backup |
    gpg --verify /path/to/backup.sig - |
    tar -x

without fear of race condition and without the inconvenience of creating
a temporary local file.

Cheers,
--
Guilhem.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
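
Added example, not part of the original message and not code from any OpenPGP implementation: a sketch of the "release only verified data" behaviour the thread discusses, where each chunk carries a tag chained to the previous one and the reader forwards a chunk only after its tag checks out. The record layout, the names `seal`, `verified_chunks` and `drain`, and the use of HMAC-SHA256 in place of an MDC or signature are all assumptions made for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 16    # tiny chunk size so a short constructed sample spans several chunks
TAG_LEN = 32  # HMAC-SHA256 output length

def tag_for(key, prev_tag, chunk, final):
    # Chaining to the previous tag blocks reordering and dropped chunks;
    # the final flag lets the reader detect truncation at a chunk boundary.
    flag = b"\x01" if final else b"\x00"
    return hmac.new(key, prev_tag + flag + chunk, hashlib.sha256).digest()

def seal(key, data):
    """Producer: emit records of [final flag][length:4][chunk][tag]."""
    out, prev = bytearray(), b"\x00" * TAG_LEN
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    for i, c in enumerate(chunks):
        final = i == len(chunks) - 1
        prev = tag_for(key, prev, c, final)
        out += bytes([final]) + len(c).to_bytes(4, "big") + c + prev
    return bytes(out)

def verified_chunks(key, stream):
    """Consumer: yield a chunk only after its tag verifies; raise otherwise."""
    prev = b"\x00" * TAG_LEN
    while True:
        head = stream.read(5)
        if len(head) != 5:
            raise ValueError("stream truncated before final chunk")
        final, n = bool(head[0]), int.from_bytes(head[1:], "big")
        if n > CHUNK:
            raise ValueError("oversized chunk")
        body, tag = stream.read(n), stream.read(TAG_LEN)
        if len(body) != n or not hmac.compare_digest(tag, tag_for(key, prev, body, final)):
            raise ValueError("chunk failed verification")
        prev = tag
        yield body
        if final:
            return

def drain(key, blob):
    """Return (bytes released downstream, True if the whole stream verified)."""
    released = bytearray()
    try:
        for c in verified_chunks(key, io.BytesIO(blob)):
            released += c
    except ValueError:
        return bytes(released), False
    return bytes(released), True
```

Chunks released before a failure are an authentic prefix of the stream, but the consumer at the end of the pipe has already acted on them, so it still has to treat a failed verification as a failure of the whole transfer.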