Lack of PGP signatures

[Bill Stewart]

At 02:38 PM 7/5/96 -0400, "Mark M." <markm at voicenet.com> wrote:
>OK, now the point of this message: somebody pointed out that if a binary was
>clear-signed using an option that would strip it down to 7 bits, the binary
>would be corrupted and therefore, such an option on PGP would be a Bad Thing.
>Then, I pointed out that not only would there be no point in a clear signature,
>since that would make the binary useless to someone without PGP anyway.  It
>is best to sign a binary and extract the certificate to a separate file, which
>you noted above.  So an option that would strip data down to 7 bits would not
>affect the ability to sign a binary.  Such an option would probably be a Good
>Thing.

Not everybody limits their language to the 96 characters supported by ASCII;
many people use languages that have umlauts and cedillas and accent marks
and haceks
and other inkblots above/under/around their letters, or symbols like
section markers and Yen and British Pound currency symbols.  A signature form
that trashes files down to 7 bits would not only annoy these people,
but also their readers :-)  

One readily obvious alternative - hashing only the lower 7 bits of each letter,
but not damaging the letter itself - is probably worse, because the message
can be altered by changing high bits without changing the signature,
while the shred-them-all method at least leaves you sure what you're signing.

But they're both pretty bad....

#				Thanks;  Bill
# Bill Stewart +1-415-442-2215 stewarts at ix.netcom.com
# http://www.idiom.com/~wcs
#				Re-delegate Authority!