Possible GPG signature-check bug
Werner Koch
wk at gnupg.org
Thu Apr 18 22:21:01 CEST 2002
On Thu, 18 Apr 2002 13:48:39 -0500, Larry Ellis said:
> 1. Is there anything inherently wrong with the double signature block (for
> example, does it violate some packet structure convention).
Yes, the grammar is like this (rfc2440):
Signed Message :- Signature Packet, OpenPGP Message |
One-Pass Signed Message.
But you have
YouMessage :- Signature Packet, Signature Packet
which is not possible because
OpenPGP Message :- Encrypted Message | Signed Message |
Compressed Message | Literal Message.
so it turns out that a Signed Message eventually leads to an
encrypted, compressed or literal message - all of these message don't
have an empty body.
It can be debated whether a detached signature may contain several
signature packets; the wording is not clear.
> 2. If the answer to 1 is no, whose handling of this is correct? PGP's or
> GPG's?
PGP 2 handles this wrong.
Given that the sematics of a timestamping signature are not well
defined, it would be best for a time stamping service to create a
deatched signature on your detached signature.
Werner
More information about the Gnupg-devel
mailing list