[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2] verify: search keyid in hashed signature subpackets
From: |
Ignat Korchagin |
Subject: |
Re: [PATCH v2] verify: search keyid in hashed signature subpackets |
Date: |
Mon, 5 Dec 2016 15:26:10 +0000 |
> One nitpick, may I add your SOB (Signed-off-by) here?
Sorry, somehow I missed it this time (probably forgot to specify the
git option).
Yes, please add it.
On Mon, Dec 5, 2016 at 3:24 PM, Daniel Kiper <address@hidden> wrote:
> On Fri, Dec 02, 2016 at 04:58:39PM +0000, Ignat Korchagin wrote:
>> According to RFC 4880 5.2.3 only "Signature Creation Time" subpacket
>> "MUST" be present in the hashed area. All other subpacket types may be
>> present
>> either in hashed or unhashed areas. Currently GRUB assumes, that the "Issuer"
>> subpacket is in unhashed area (by default put there by gpg tool), but other
>> PGP implementations (like https://godoc.org/golang.org/x/crypto/openpgp)
>> may put it in the hashed area.
>
> In general LGTM. One nitpick, may I add your SOB (Signed-off-by) here?
> Otherwise if there are no objections in 2-3 days I will apply it.
>
> Daniel