On Tue, Apr 03, 2007 at 09:57:25AM -0600, Matt wrote: > I buy a drill, I know a hand crank or motor turns the bit, and the bit > makes holes. I buy a refrigerator, its job is to keep food cool, I have > now idea how it turns electricity into cooling - and it is not addressed > in the manual, as long as it does its job it doesn't matter. I have a > tool I use to get to work each day, it is called a car. I have the > faintest and most basic understanding of an internal combustion engine, > but have no idea why a muffler reduces pollution so my vehicle passes > emissions tests. I download 7-zip, and use it to compress and decompress > data, do I understand how each compression and decompression work? No. > When I look at the manual, does it tell me how to compress and > decompress by hand? Or does it tell me what non-free programs it makes > obsolete? Even if it started to tell me how to (de)compress, would it > explain the phrase 'dynamic hash table'? I download GPG. Does the manual > explain how each encryption/signing algorithm works? Or does it say it > supports RSA, DH, AES... possibly mentioning limitation of each choice? > Or does it assume that such details are unimportant as long as the user > gets "gpg -e -r heine file"? Does it say that the comment lines I read > in the (clearsigned) message before running it through GPG are not part > of the signed message, that any third party between the sender and me > could have altered them?
This is silly. Observe: Step 1: echo "This is my signed message" | gpg --clearsign > my-signed-message.gpg Step 2: cat my-signed-message.gpg | gpg > output Step 3: cat output This is my signed message Look: no comments or anything like that. You cannot infer any meaning from a signed message before you verify it, and notice that when you verify it, you get exactly what you'd expect. You're basically reading the message "source code" before it has been verified. Complaining about the Comment field is rather like complaining about OpenPGP packet headers. I could hide all sorts of super-sekrit messages in packet headers or in unhashed signature subpackets. It doesn't matter a whit. They're not part of the signed message. > Fixing the RFC is probably not an option, but being more clear in user > documentation is. Not just the official GnuPG manual, but the OpenPGP > help file in enigmail, and other MUA wrappers. The OpenPGP documentation does not really need a note to say that "you need to actually verify a signature before you decide that it is valid". David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
