multiple signers
Werner Koch
wk@gnupg.org
Wed Dec 11 15:09:01 2002
On Wed, 11 Dec 2002 10:40:01 +0100, Timo Schulz said:
> Yes, I thought the same. When the file is very large, it takes a long
> time to verify two or more signatures. What about parallel hashing.
Even worse, you can't do this when the data comes from a pipe.
We already use several hash contexts to work around PGP bugs. I am
not in favor of setting up even more. If the message is correctly
encoded, we can hash the data using more than one algorithms, it is
just a matter of enabling the algorithms for the hash context and
doing a md_copy right before hashing the signature specific part.
> On the other hand, this means we need to change the code in lots of
> files and this is no solution for the stable branch.
Right.
Salam-Shalom,
Werner