[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2] verify: search keyid in hashed signature subpackets
From: |
Daniel Kiper |
Subject: |
Re: [PATCH v2] verify: search keyid in hashed signature subpackets |
Date: |
Mon, 5 Dec 2016 16:24:40 +0100 |
User-agent: |
Mutt/1.3.28i |
On Fri, Dec 02, 2016 at 04:58:39PM +0000, Ignat Korchagin wrote:
> According to RFC 4880 5.2.3 only "Signature Creation Time" subpacket
> "MUST" be present in the hashed area. All other subpacket types may be present
> either in hashed or unhashed areas. Currently GRUB assumes, that the "Issuer"
> subpacket is in unhashed area (by default put there by gpg tool), but other
> PGP implementations (like https://godoc.org/golang.org/x/crypto/openpgp)
> may put it in the hashed area.
In general LGTM. One nitpick, may I add your SOB (Signed-off-by) here?
Otherwise if there are no objections in 2-3 days I will apply it.
Daniel