comment and version fields // doesn't need to be a 'comment'

vedaal at vedaal at
Thu Apr 12 17:19:06 CEST 2007

have been away for a while, and did not have a chance to respond to 
the discussion about the comment and version fields

(and yes, i agree that the proper place would be the ietf wg
but they are currently involved in trying to get the rfc revision 
and might not want to consider other issues at this time)

just wanted to point out that the 'comment' line doesn't need to 
have the word 'Comment:', it only needs to have a ':' 

so the following can be inserted instead of or in addition to,
the 'comment' and 'version' lines,

GNUPG WARNING: This signing key has been reported to be compromised

the signature would still verify,
but this could potentially be misleading to people just starting 
out with gnupg

even though it is not strictly necessary,
it would certainly be helpful,
if a short statement could be included into the gnupg documentation
saying something like:

" In a clearsigned message, the only part that is authenticated is the 
text of the message. This is the part in between the dashed lines,

Any insertions between the line,
and the signature block itself, 
are *NOT* authenticated, and may be altered without affecting the 
If there is any question about such insertions, please check them 
with the sender. "

the above is only a 'suggested text',
and could probably be improved on,

because of backward compatibility,
it is unlikely that the comment/version/ etc. lines could now be 
changed to be part of the authenticated material,
so the most practical thing might be just a small explanatory note 
in the user manual.


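The behaviour described in this post, as an added example that is not part of the original message and not GnuPG code: a small Python parser that splits a clearsigned message into the text the signature covers and the armor header lines that anyone can add or change. The function names, the sample message and its signature body are constructed for illustration; the set of known header keys is the one defined in RFC 4880.

```python
# Added example (not from the post, not GnuPG code); names and sample are constructed.
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"
KNOWN_KEYS = {"Version", "Comment", "MessageID", "Hash", "Charset"}  # RFC 4880, 6.2

SAMPLE = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Meet at noon.
- -- the usual place
-----BEGIN PGP SIGNATURE-----
Version: ExamplePGP 1.0
GNUPG WARNING: This signing key has been reported to be compromised

iD8DBQFconstructedNOTaREALsignature
=abcd
-----END PGP SIGNATURE-----
"""

def split_clearsigned(message):
    """Return (signed_text, unauthenticated_headers) for one clearsigned message."""
    lines = message.splitlines()
    start = lines.index(BEGIN_MSG)
    # Dash-escaping guarantees no line of the signed text can match BEGIN_SIG.
    sig = lines.index(BEGIN_SIG, start)
    end = lines.index(END_SIG, sig)
    # "Hash:" headers follow the BEGIN line; the first empty line ends them.
    body_start = next(i for i in range(start + 1, sig) if not lines[i].strip()) + 1
    # Undo dash-escaping ("- " prefix) to recover the text the signature covers.
    signed = [l[2:] if l.startswith("- ") else l for l in lines[body_start:sig]]
    # Armor headers of the signature block run until its first empty line.
    # None of them is covered by the signature, whatever the key says.
    headers = []
    for line in lines[sig + 1:end]:
        if not line.strip():
            break
        key, _, value = line.partition(":")
        headers.append((key.strip(), value.strip()))
    return "\n".join(signed), headers

def unexpected_headers(headers):
    """Headers whose key is not one RFC 4880 defines; worth showing with a caution."""
    return [(k, v) for k, v in headers if k not in KNOWN_KEYS]

if __name__ == "__main__":
    text, hdrs = split_clearsigned(SAMPLE)
    print("authenticated text:", repr(text))
    print("NOT authenticated:", hdrs)
    print("unexpected keys:", unexpected_headers(hdrs))
```

A mail client or script that displays clearsigned messages can use the same split to render only the first return value as verified content and to mark everything in the second as unverified.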