extend todo-note

This commit is contained in:
Heiko Schaefer 2023-11-14 19:46:23 +01:00
parent 77d056702a
commit 5a454e85e7
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB

View file

@ -71,6 +71,8 @@ For efficient verification, an application must understand how to handle the lit
:class: warning
Is the signer keyid/fingerprint in the OPS important for the verifier to be able to verify the signature efficiently? Or is it (only?) there to be hashed and signed, along with the literal data?
Realization: It's probably useful to know the fingerprints right away, to first go find the public key material, before calculating the hash of a huge file.
```
#### Verification