Re: [epoint] [issue] Verifiability of transaction database correctness

From: Szabolcs Nagy <nsz_AT_port70.net>
Date: Sun, 15 Jul 2012 13:09:39 +0200

* Szabolcs Nagy <nsz_AT_port70.net> [2012-07-15 11:56:18 +0200]:
> i will fix the document id calculation so
> an extra \n after the body is included
> in the document hash
>

on a second thought this makes a detached signature
implementation problematic (for example for storage):

keeping body and sig separately so

 gpg --verify sig body

works, the clear signed document is
(assuming trailing whitespace in body is cleaned up)

 cat head body newline sig >clearsigned
 gpg <clearsigned >body2

and body2 will include an extra newline at the end
so detached vs clearsigned body differs

if the document id is the hash of body2
then detached signature handling will be awkward
(ie hash of the stored body will need extra fix)

and some tools prefer detached signatures (email)

so either

 sha1sum detached-body

or

 gpg <clearsigned |sha1sum

can be the id but not both
Received on Sun Jul 15 2012 - 13:09:39 CEST

This archive was generated by hypermail 2.3.0 : Sat Sep 14 2013 - 19:00:04 CEST