gpg 1.0.6 troubles with whitespace-only Comment header

Andrew McDonald andrew@mcdonald.org.uk
Fri Nov 23 01:00:02 2001 

--veXX9dWIonWZEC6h
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Nov 22, 2001 at 11:40:28PM +0100, Igor Bukanov wrote:
> It seems that gpg 1.0.6 does not like "Comment:" header which consists=20
> only of spaces that pgp 6.0.2 can make. I received the following message:
>=20
> -----BEGIN PGP MESSAGE-----
> Version: PGP 6.0.2
> Comment:
>=20
> hQCMA....
>=20
> where there is 2 ASCII space characters after "Comment:"
>=20
> and gpg complains:
> gpg: invalid armor header: Comment:

Well, RFC2440 says:

   The Armor Headers are pairs of strings that can give the user or the
   receiving OpenPGP implementation some information about how to decode
   or use the message.  The Armor Headers are a part of the armor, not a
   part of the message, and hence are not protected by any signatures
   applied to the message.

   The format of an Armor Header is that of a key-value pair.  A colon
   (':' 0x38) and a single space (0x20) separate the key and value.
   OpenPGP should consider improperly formatted Armor Headers to be
   corruption of the ASCII Armor.  Unknown keys should be reported to
   the user, but OpenPGP should continue to process the message.

Although it says that a single space separates the key and value it
doesn't appear to say that the 'value' can't start with a space (0x20)
or be only a space. In fact this section of the RFC (and also the
current Internet Draft seems a bit vague on what the contents of the
'key' and 'value' can be.

Probably a question for Werner, and maybe some room for adjustment in
the I-D?

--=20
Andrew McDonald
E-mail: andrew@mcdonald.org.uk
http://www.mcdonald.org.uk/andrew/

--veXX9dWIonWZEC6h
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7/ZDn/LupyPLe7TYRAo4JAJwKGpC12frdr+pr0YDc+zfhAsDb2wCeJLpt
fn80vtH8OD6ben++Tz7cCtg=
=UqbJ
-----END PGP SIGNATURE-----

--veXX9dWIonWZEC6h--