On 16 Dec 2024, at 14:51, Werner Koch <[email protected]> wrote: > >> taking plaintext covert channels as a serious threat. Also, v5 >> signatures have extra free-text fields (filename, timestamp) that are >> hashed-in before the main document, rather than as subpackets. > > Yes, they can be used. But your WG removed the bug fix (i.e. hashing > the meta data). And that is the very reason why it is not possible to > support that new signing format.
Werner, *you* proposed a solution for this in the LibrePGP draft: https://datatracker.ietf.org/doc/html/draft-koch-librepgp#section-5.2.3.33 > This subpacket MAY be used to protect the meta data from the Literal Data > Packet with V4 signatures I then proposed extending this mechanism to v6 signatures: https://datatracker.ietf.org/doc/html/draft-gallagher-openpgp-literal-metadata > This document introduces the missing integrity check by adopting and > extending the "Literal Data Meta Hash" subpacket from [LIBREPGP], section > 5.2.3.33. And then *you* told *me* that it wasn’t worth the effort implementing the fix that *you* invented: https://lists.gnupg.org/pipermail/librepgp-discuss/2024/000005.html > Sure, you may use it for v6 signatures. But after all why should you do it, > given that it was removed from crypto-refresh for some incomprehensible > reason. Are these serious questions for which people can propose serious answers, or is it just a gish gallop? Because it feels like we’ve been going around the same circles for over a year now. A
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
