cleartext signature: digest determination
Hauke Laging
mailinglisten at hauke-laging.de
Wed Jun 19 14:19:51 CEST 2013
Hello,

in RfC4880 I read this:

https://tools.ietf.org/html/rfc4880#section-7

«If the "Hash" Armor Header is given, the specified message digest
algorithm(s) are used for the signature. If there are no such headers, MD5 is
used.»

That doesn't make sense to me. I checked a cleartext signature with
gpg --list-packets and got this:

:signature packet: algo 1, keyid 4CB66C1B33FB59FC
        version 4, created 1364174035, md5len 0, sigclass 0x01
        digest algo 2, begin of digest a1 0d
        hashed subpkt 2 len 4 (sig created 2013-03-25)
        subpkt 16 len 8 (issuer key ID 4CB66C1B33FB59FC)
        data: [4093 bits]

This looks like a normal signature packet to me, and it does contain the used
digest algo. So why should it be necessary to write the used digest into the
cleartext part? Is that a compatibility issue with older OpenPGP versions?
Usually that is mentioned but not in the text I quoted.

Hauke
--
☺
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/
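
Added example, not part of the original message and not GnuPG code: Python that reads both places the post compares, the "Hash" armor header (with the MD5 default from the quoted RFC 4880 text) and the digest algorithm field inside a version 4 signature packet, and reports whether they agree. The function names and the sample message are constructed for illustration; the sample packet carries only the fixed header fields and is not a verifiable signature.

```python
import base64

# Hash algorithm IDs and their text names (RFC 4880, section 9.4)
HASH_NAMES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}

def armor_hashes(msg):
    """Names from "Hash:" armor headers; MD5 when none is given (RFC 4880, section 7)."""
    lines = msg.splitlines()
    names = []
    for line in lines[lines.index("-----BEGIN PGP SIGNED MESSAGE-----") + 1:]:
        if not line.strip():                 # empty line ends the armor headers
            break
        key, _, value = line.partition(":")
        if key == "Hash":
            names += [n.strip().upper() for n in value.split(",")]
    return names or ["MD5"]

def packet_hash(msg):
    """Digest algorithm named inside the version 4 signature packet."""
    lines = msg.splitlines()
    i = lines.index("-----BEGIN PGP SIGNATURE-----") + 1
    while lines[i].strip():                  # skip the signature block's armor headers
        i += 1
    end = lines.index("-----END PGP SIGNATURE-----")
    # Join the base64 body; a line starting with "=" is the armor checksum
    raw = base64.b64decode("".join(l for l in lines[i:end] if not l.startswith("=")))
    first = raw[0]
    if first & 0x40:                         # new-format packet header
        tag = first & 0x3F
        skip = 2 if raw[1] < 192 else 3 if raw[1] < 224 else 6
    else:                                    # old-format packet header
        tag = (first >> 2) & 0x0F
        skip = 1 + (1, 2, 4, 0)[first & 3]
    body = raw[skip:]
    if tag != 2 or body[0] != 4:
        raise ValueError("expected a version 4 signature packet")
    return HASH_NAMES.get(body[3], "unknown(%d)" % body[3])

def header_matches_packet(msg):
    return packet_hash(msg) in armor_hashes(msg)

def sample(armor_headers, hash_id):
    """Constructed message: the packet holds only fixed v4 fields, not a real signature."""
    body = bytes([4, 0x01, 1, hash_id, 0, 0, 0, 0, 0xA1, 0x0D])
    pkt = bytes([0x88, len(body)]) + body    # old format, tag 2, one-octet length
    return "\n".join(["-----BEGIN PGP SIGNED MESSAGE-----", *armor_headers, "",
                      "constructed text", "-----BEGIN PGP SIGNATURE-----", "",
                      base64.b64encode(pkt).decode(), "-----END PGP SIGNATURE-----"])
```

Calling `header_matches_packet(sample([], 2))` shows the case the quoted rule covers: with no "Hash" header the armor side defaults to MD5 while the packet says digest algo 2 (SHA1), so the two disagree.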
More information about the Gnupg-users
mailing list