diff --git a/book/source/06-signatures.md b/book/source/06-signatures.md index bb32d4a..466fe09 100644 --- a/book/source/06-signatures.md +++ b/book/source/06-signatures.md @@ -96,6 +96,12 @@ RFC Sections [5.2.3.11](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypt ### "Negotiating" signature hash algorithm based on recipients preference subpackets +```{admonition} TODO +:class: warning + +investigate, discuss: GnuPG uses preference packets for the User ID that was addressed while sequoia completely omits User ID preferences and either uses Direct Key Sigs or (I think) primary User ID. +``` + ### Explore viability of having multiple signatures, e.g. v4+v6? ```{admonition} TODO diff --git a/book/source/07-signing_data.md b/book/source/07-signing_data.md index 03acb41..ef01e1d 100644 --- a/book/source/07-signing_data.md +++ b/book/source/07-signing_data.md @@ -15,6 +15,15 @@ Add content, including: - Signature of a canonical text document - "The signature is calculated over the text data with its line endings converted to ``" + +data signatures have three forms: +- detached, +- inline (that is signature contains the data which is signed inside of a signature container) and +- cleartext which I guess will be special-cased in v6 (to require small text etc). + +(This corresponds to gnupg's --detach-sign --sign and --clear-sign) + +cleartext: explain text transforms for cleartext signatures (LF->CRLF etc) ``` ## Data signatures