Re: gnupg/mailing list validation error

[Albrecht Dreß <albrecht dress arcor de>]

Am 03.03.04 21:56 schrieb(en) Kacper Wysocki:
> this info for me. Only one worry, though- signatures(the human readable  
> kind) are usually prepended with a "-- \n" - note the trailing  
> whitespace. I've seen it discussed many a time that mailers incorrectly  
> gobble the trailing whitespace, as this is a standard that some MUAs  
> depend on to, say, display the .sig in a different color. Is this the  
> case here with two conflicting standards, as the RFC states that  
> trailing whitespaces should be ignored?

In RFC 3156 (multipart/signed), this whitespace "counts", whereas in RFC  
2440 it is simply ignored for the calculation of the signature. Note,  
however, that signature calculation takes place *after* applying the  
content transfer encoding which is forced to quoted-printable in balsa.

This line is converted to "--=20" for RFC 3156, so the whitespace is not  
visible to the crypto routines, and should also be ignored by any mta or  
gateway. Note that there is no need to code non-trailing whitespaces, so a  
line consisting of, say, two spaces may safely be encoded as " =20".

In RFC 2440 mode (aka OpenPGP, single-part signing/encryption), not only  
the whitespace will be quoted-printable encoded (which is *not* a  
requirement of '2440, but I added it for safety, and it will never do any  
harm!), but also the leading dash must be "dash escaped", so the line  
reads "- --=20". You may check this yourself by sending signed messages to  
yourself@localhost and then looking into the message source.

Hth,

	Albrecht.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Albrecht Dreß  -  Johanna-Kirchner-Straße 13  -  D-53123 Bonn (Germany)
       Phone (+49) 228 6199571  -  mailto:albrecht.dress@arcor.de
_________________________________________________________________________

PGP signature