From 16c6d0c265d660c22e11487e8e066cd0515ebb45 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Mon, 18 Dec 2023 19:36:48 +0100 Subject: [PATCH] Complete unfinished sentence --- book/source/signing_data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/signing_data.md b/book/source/signing_data.md index d5eafe4..76436b8 100644 --- a/book/source/signing_data.md +++ b/book/source/signing_data.md @@ -75,7 +75,7 @@ To produce an {term}`inline signature`, the {term}`signer` processes the entiret For efficient {term}`verification`, an application must understand how to handle the {term}`literal data` prior to its reading. This requirement is addressed by the {term}`one-pass signature packets` located at the beginning of {term}`inline-signed` messages. These {term}`packets` include essential information such as the {term}`fingerprint` of the {term}`signing key` and the {term}`hash` algorithm used for computing the {term}`signature`'s {term}`hash digest`. This setup enables the verifier to process the data correctly and efficiently. -Strictly speaking, knowing just the hash algorithm would be sufficient to begin the verification process. However, having efficient access to the signer's fingerprint or key ID upfront allows OpenPGP software to fetch the signer's certificates before processing the entirety of the - potentially large - signed data, and . +Strictly speaking, knowing just the hash algorithm would be sufficient to begin the verification process. However, having efficient access to the signer's fingerprint or key ID upfront allows OpenPGP software to fetch the signer's certificate(s) before processing the entirety of the - potentially large - signed data. This may, for example, involve downloading the certificate from a keyserver. In case fetching the signer's certificate(s) fails, or requires additional input from the user, it is better to signal the user about this before processing the data. #### Verification