On Wed, Feb 11, 2009, Jan C. wrote: > Hello everybody, > I would like to ask what is the difference, from the cryptographic > point of view, between an opaque signature (-nodetach) and a clear > text signature. >
No cryptographic difference at all: they are different ways of packaging the same thing. In practical terms the cleartext multipart/mime version can sometimes be corrupted by mail gateways whereas the embedded signature form is more resistant. The embedded form in MIME messages is often base64 encoded which will increase its size. Current versions of OpenSSL can only verify embedded signatures if the whole content is in memory. Version 0.9.9 can generate embedded signatures on the fly though. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
