mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-26 17:42:06 +01:00
add detail to ch7 pitfalls section of cleartext signatures
This commit is contained in:
parent
32b5e0cfe0
commit
1b1e918a01
1 changed files with 1 additions and 1 deletions
|
@ -137,7 +137,7 @@ _ **Escaping dashes**: The framework implements a method of [dash-escaped text](
|
||||||
|
|
||||||
#### Pitfalls
|
#### Pitfalls
|
||||||
|
|
||||||
While widely used, cleartext signatures are sometimes viewed as a "legacy method"[^csf-gnupg]. The RFC outlines [pitfalls of cleartext signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-issues-with-the-cleartext-s) and advises that inline and detached signature forms are often preferable.
|
Despite their widespread adoption, cleartext signatures have their limitations and are sometimes viewed as a "legacy method"[^csf-gnupg]. The RFC details the [pitfalls of cleartext signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-issues-with-the-cleartext-s), such as incompatibility with semantically meaningful whitespace, challenges with large messages, and security vulnerabilities related to misleading Hash header manipulations. Given these issues, safer alternatives like inline and detached signature forms are advised.
|
||||||
|
|
||||||
[^csf-gnupg]: https://lists.gnupg.org/pipermail/gnupg-devel/2023-November/035428.html
|
[^csf-gnupg]: https://lists.gnupg.org/pipermail/gnupg-devel/2023-November/035428.html
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue