bad signature on clear signing

Ingo Klöcker ingo.kloecker@epost.de
Sat Dec 14 01:51:02 2002


On Friday 13 December 2002 21:19, David Shaw wrote:
> On Fri, Dec 13, 2002 at 12:49:26PM -0500, Anthony E. Greene wrote:
> > On 13-Dec-2002/06:52 -1000, Tenui <tenui@ifrance.com> wrote:
> > >After a series of tests with another (local) gpg user, using 3 different
> > >mail programs, I find that my signature is always bad when I clear sign
> > >a message and mail it,
> >
> > [snip]
> >
> > >The problem is not specific to GnuPG; the same thing occurs when I use
> > >PGP 8. Any ideas from the experts?
> > >(I am using gpg 1.2.1-nr1 with GPGshell 2.65)
> >
> > Maybe your mail server is removing trailing spaces from the end of
> > the lines. Try enabling Quoted-Printable.
>
> You should be able to mangle whitespace at the end of lines in clear
> signatures.  Part of the spec specifically requires that end of line
> white space is ignored when making the signature hash (for the exact
> reason you mention, if I recall correctly).

JFYI, RFC 3156 (MIME Security with OpenPGP) states:
"Additionally, implementations MUST make sure that no trailing
whitespace is present after the MIME encoding has been applied."

Hmm, it seems KMail is doing this wrong. This might be the reason for
the bad signatures Dave Barton got on my messages. This non-compliance
with RFC 3156 should be fixed now.

Regards,
Ingo
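
Added example, not part of the original message or of any mail client's code: a Python sketch contrasting the two cases discussed in this thread, the cleartext-signature hash input that ignores end-of-line whitespace and the RFC 3156 (PGP/MIME) hash input where it is significant unless the MIME encoding removes it. The sample body, the relay model `strip_in_transit` and the use of SHA-256 over the document bytes alone are assumptions made for illustration.

```python
import hashlib
import quopri

# Constructed sample body: lines 1 and 2 end in a space and a tab.
SAMPLE = b"Hello, \nsigned text\t\nRegards,\nAlice"

def _lines(data):
    return data.replace(b"\r\n", b"\n").split(b"\n")

def cleartext_hash_input(text):
    """Cleartext signature: trailing spaces/tabs are dropped from every
    line and line endings become CRLF before hashing."""
    return b"\r\n".join(line.rstrip(b" \t") for line in _lines(text))

def pgp_mime_hash_input(part):
    """RFC 3156 multipart/signed: the encoded part is hashed with CRLF
    line endings; trailing whitespace is significant."""
    return b"\r\n".join(_lines(part))

def lines_with_trailing_whitespace(part):
    """1-based line numbers that break the RFC 3156 requirement."""
    return [n for n, line in enumerate(_lines(part), 1)
            if line != line.rstrip(b" \t")]

def strip_in_transit(data):
    """Hypothetical relay that removes trailing whitespace from each line."""
    return b"\n".join(line.rstrip(b" \t") for line in _lines(data))

def digest(data):
    # SHA-256 is an arbitrary choice here; only the document bytes are
    # hashed, not the signature packet trailer a real signature adds.
    return hashlib.sha256(data).hexdigest()

def survives_relay(hash_input, data):
    """True if the digest is unchanged after the relay strips whitespace."""
    return digest(hash_input(data)) == digest(hash_input(strip_in_transit(data)))

if __name__ == "__main__":
    print("cleartext survives:", survives_relay(cleartext_hash_input, SAMPLE))
    print("PGP/MIME raw survives:", survives_relay(pgp_mime_hash_input, SAMPLE))
    encoded = quopri.encodestring(SAMPLE)  # trailing " " -> "=20", tab -> "=09"
    print("offending lines before:", lines_with_trailing_whitespace(SAMPLE))
    print("offending lines after QP:", lines_with_trailing_whitespace(encoded))
    print("PGP/MIME QP survives:", survives_relay(pgp_mime_hash_input, encoded))
```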
