[PATCH] avoid publishing the GnuPG version by default

Patrick Brunschwig patrick at enigmail.net
Fri Aug 5 20:24:32 CEST 2016


On 05.08.16 16:36, Daniel Kahn Gillmor wrote:
> On Fri 2016-08-05 06:28:58 -0400, Werner Koch wrote:
>> You are right, the "Version:" has no technical meaning.  The "Hash: foo"
>> header for cleartext signatures is required to replace the one-pass
>> signature packets we have in binary signatures.
> 
> Yep.  And Hash: isn't necessary (nor is it generated) when doing
> detached signatures or PGP/MIME signatures anyway (the PGP/MIME
> multipart/signed content-type has a micalg= parameter that achieves the
> same purpose).

Be careful here. Removing the Hash: header would break all versions of
Enigmail when trying to create PGP/MIME signed messages - and I'm sure a
few other tools as well. Even though I do not care (anymore) for the
value I find in the micalg= parameter when reading signed messages, I
still rely on the header for the creation of such messages...

-Patrick

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160805/352bec4c/attachment-0001.sig>


More information about the Gnupg-devel mailing list