[fwd] Re: PGP/MIME implementors: text mode vs. binary mode? (from: hal@finney.org)
JP Sugarbroad
taral@taral.net
Thu Feb 15 01:59:01 2001
--GvXjxJ+pjyke8COw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Feb 14, 2001 at 11:18:27PM +0100, Thomas Roessler wrote:
> More precisely, PGP/MIME helps to address several ugly problems you
> normally have with detached signatures:
>=20
> - PGP/MIME includes MIME headers with the signature, thereby
> indicating how the signed data should be interpreted. This can be
> crucial - remember all these nice "is valid in N+1 formats" files?
> (For instance, you could do interesting things with XPMs.)
That's the point. It's a TRANSFER encoding. It is 100% valid to change
it on the fly if necessary. If PGP/MIME signatures were pre-CTE, said
change would not invalidate the signature.
> - By signing post-CTE, you have something signed which has been
> translated to some well-defined format before. Now, just look
> what happens when you mix character set conversions with cleartext
> signatures...
Character set conversion is in the CT (Content-Type) stage, not the CTE
stage. CT should obviously occur before signature.
> - PGP/MIME signed messages can be read by MIME-aware, but
> PGP-unaware clients, with the same results as far as the signed
> data are concerned. I have yet to see any other signature scheme
> which has this property.
So could a standard which was identical to PGP/MIME except that the
signature is calculated on pre-CTE data.
--=20
Taral <taral@taral.net>
Please use PGP/GPG to send me mail.
"Never ascribe to malice what can as easily be put down to stupidity."
--GvXjxJ+pjyke8COw
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjqLKaMACgkQ7rh4CE+nYEn38QCg1GFRwt2dd0TQ3slzNwAqajTv
fkwAn2EG3SL8QoM0IIoSUE7PE0gV9d4+
=v/Zr
-----END PGP SIGNATURE-----
--GvXjxJ+pjyke8COw--