At 02:38 PM 7/5/96 -0400, "Mark M." <markm@voicenet.com> wrote:

OK, now the point of this message: somebody pointed out that if a binary was clear-signed using an option that would strip it down to 7 bits, the binary would be corrupted and therefore, such an option on PGP would be a Bad Thing. Then, I pointed out that not only would there be no point in a clear signature, since that would make the binary useless to someone without PGP anyway. It is best to sign a binary and extract the certificate to a separate file, which you noted above. So an option that would strip data down to 7 bits would not affect the ability to sign a binary. Such an option would probably be a Good Thing.

Not everybody limits their language to the 96 characters supported by ASCII; many people use languages that have umlauts and cedillas and accent marks and haceks and other inkblots above/under/around their letters, or symbols like section markers and Yen and British Pound currency symbols. A signature form that trashes files down to 7 bits would not only annoy these people, but also their readers :-) One readily obvious alternative - hashing only the lower 7 bits of each letter, but not damaging the letter itself - is probably worse, because the message can be altered by changing high bits without changing the signature, while the shred-them-all method at least leaves you sure what you're signing. But they're both pretty bad.... # Thanks; Bill # Bill Stewart +1-415-442-2215 stewarts@ix.netcom.com # http://www.idiom.com/~wcs # Re-delegate Authority!