Generate digest and signature seperately
jerome at jeromebaum.com
Tue Jun 14 13:51:10 CEST 2011
> No, it's the other way. A PGP signature does embed information about all sorts of things, including whether it is the signature of a file or signature over a certificate.
I think it really boils down to "the details are significant". It's
not really the signature packet that is relevant, but the actual
signature (i.e. number generated using private key). This signature
definitely uses a hash. We know that hash varies between data sigs and
certs. So here's the question:
Does the (mathematical) signature differ between data sigs and certs
in any way besides the varying hash?
email jerome at jeromebaum.com
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users