[openpgp] Question on computing v5 signatures

Heiko Stamer <HeikoStamer@gmx.net> Wed, 01 May 2019 19:29 UTC

Return-Path: <HeikoStamer@gmx.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40D3A120025 for <openpgp@ietfa.amsl.com>; Wed, 1 May 2019 12:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzEmVFCaE3me for <openpgp@ietfa.amsl.com>; Wed, 1 May 2019 12:29:15 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5840712008D for <openpgp@ietf.org>; Wed, 1 May 2019 12:29:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1556738952; bh=0XL7HIdwuSHQNZdQJwoHz5MmPsAOyq+xQBKOLFyHzkQ=; h=X-UI-Sender-Class:To:From:Subject:Date; b=YP8JDE2xx58ynYfBT8/U6tSpnZioh7KpJqSkC80C7rver63oDfcALKKPmIY+4m+49 qvaFOprlDaX4Y09biLvjFiX6F9BtpyBphgVXd7dxPR4GBByGfdlD3wCGJyF+QhuVpQ vKC6rr+XPNLuuXNfEICZB04DJhwHmZcXjSpV6Fug=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.30] ([80.132.239.73]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MiJZO-1gscF73QgQ-00fU2K for <openpgp@ietf.org>; Wed, 01 May 2019 21:29:11 +0200
To: OpenPGP WG <openpgp@ietf.org>
From: Heiko Stamer <HeikoStamer@gmx.net>
Openpgp: preference=signencrypt
Autocrypt: addr=HeikoStamer@gmx.net; prefer-encrypt=mutual; keydata= mQGiBDdYKNkRBACRdsFzaQn0HChOX38WHXlIYcNZAAxBQxa7gdmPXTUK+tgwQuwAr/XViQxn ExKwyOteRhwHZNSYdoKPlCOJ3c3FWCKAdflINr53NvN/qnnaF+3M1HaluiwVdfHD9a0+k7fd NFZMq2bTpzSCQBsPGipSK0K8ET8UPrXm54pXhqYL2wCgsuMBOv64bmg2zjg6vHSTKADGykcD /Agjoa7y7Cpifk4WEKDKu8nlrE9OFOJppjZ9bdJedrmZq5A/jHr35UOgbZItTmgBiz7bfMLq 7HD05ZQ3BplBmmiE0412f55GadCjN4vvnCdTqZ/ewzWdz/rzQGaJm9IvW6rupuFgrTx0GJhf we7cr6GQQo0nqA0LMCyhGHQASC56A/9NOroBzLM6wl9QlE9lybxd3cxI2UnrfHIu63tklFKF vL1XnjyJ4YR0sDs6/f56JbtEGUKTCI7ZAw+241Va4MrbDVmmsGJjQBcKxNbHDfkkjoJ9NBwr pUo2nMT3BWyKHCfnMqoyT+nN04b0Em1ffbhptKiLJSeY1mcPxvA1h7PrKbQlSGVpa28gU3Rh bWVyIDxoZWlrby5zdGFtZXJAcG9zdGVvLmRlPohiBBMRAgAiAhsDAh4BAheABQJTnH9pBgsJ CAcDAgYVCAIJCgsEFgIDAQAKCRBPWE64+yvhT4n9AJwNsUcN5bx9/gtUs4LMmqBcePkQKwCf Y4FmM1D4rmTWsHQ1NRgsiqQhc265Aw0EN1gq2RAMAK4ZTZJZeaOmjIYhf9QfN7rQ6iXEF20r OG8NkeHLVLPw02t2QjejO5g4zGQplktPD+JCKBU1B/DL7l8BTDopofw4+fAierJ6C4jo/AbS pArZxaVJNkOVNbwHYPdCmO3yxieeMYQgYoZvtkBSA4OZZh2xLfmi3IRBPRSf+REiqPJBy9aA 0f7634vKldTG7R4PR2UP+THjpM/2SpNiyv/y9ZaEPYn3zHRkWsUw3xAMIiE73Hen6o/J9KIB 2e4jiI3VFiwq0LaKRv5whzltjKydGi2zVqcDLc93lDxsW2OXPE89GH3S/9irlEz/ciBuxtLT MMjSV3OeV34Mid7Muz8RE6whOaZteuEgAcLxONxe3FZHeG2cUuciCZDdFqDRtB6w0XhjltdI ZzD8zHBZyboRfBxubtRzriTxjFcxjI3L5df9uLWjuvkl0fSYpQV5dMX1Yus2kXiMHKUeTVE0 NtHqSnozzu88l6D+dCHX0i1BDFgkZi70oGEEaEW0NQgDItOdNwADBQv/a0d7nasV4JW9mjtF nlJDL9pyXHuGc+y9vfJNdy+DlzuHB44vtl+yH9ecTdpxE7RgB8ZvQvEwUmV+keBw+5NkR3ms +AnPrwZxwAIE/DxnwyBAQETkf9SIBH8cz0BCYQ37B+N4OW/pkYSWadjn2Bgi4IZRWyrDmnAI KwsGzfGUxPIKI3AMcRFFqjdhMaFo3L2GwJ2o0dBxd1LN0Xo6298ydcjrtAbKI1xuNXBfBAeU YCzGjg7cUw6XXfyjU5rTQkxKTu13xsKUwCnse7jOvDnfdNnYC+n7o4WNQBDhTiF0QMZ482ba FtCKcqdQJ3fQ9uioh1kOZirhJJ40xtYrDLcS3H9rQZff0X+CeOa94EdJYYYH7BIpysrfJ9c1 cxrg5brzeb9ofWaxLQvRIXBubbDtd0AunQMJXTfXHUmgYCdzSZVyy1tUzso1QacI4D0PhRIo euP8ihlWhqnHRv5tY8Ue18uFybaVIOWrsXXjQOVBUvXFmYCc9ykvJcyYSadLYkJliEYEGBEC AAYFAjdYKtkACgkQT1hOuPsr4U9xEwCeKB7jHvmUrWnuxsqx2Flvq2/gIk8AoKkOpGf2jud+ 8uWi5c1ohHWeuLtz
Message-ID: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net>
Date: Wed, 01 May 2019 21:29:09 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:lX57sEbei/mju4oeuXtGqXo2otbPMHIBM6z44CUA2a/rcbO6dVI zccbdAk4P+5Ypjh+62LFLmUk1zc5Vjmanrg3J7E1C5yyKrhva1FyT/4veEIzFyc/na3BFcU G1wIC1MiNfLMFhJE+7trOWwhKB0B9oetMW4Uf65wk0Y3LsVeBjRhGnqaRw1Vc7wmc8thuou yRoIpKhAsl8+l7km6NLtg==
X-UI-Out-Filterresults: notjunk:1;V03:K0:sPh5Kg/17+c=:s1fV2UO2r6i7DZh5dNWRX+ lPrx/V84HIutfoQlEOl9Zs7p48bcL/9T0PvSJ6T9aS5d0B8+dyrvx9heRZm//k8AWjxQifgSk LHM+lYN1N9+IVeQ6WOcSCMOlhblCdyRMHdwVVxQ5TFv413e9xmU4rsIDVJoQeUQvUINT7oQ6r 1m1cir4jStKDAHQQ9INBe0HpnU5kk3TjJTdu7w1cdpWLfMtGHCDjsRmOgZndg71YktHxPzpce S6ypk07vVCWLHCKnRtnn79hc6TsFx0Avc/KIfPpkAoYHeXjK6TMyspSFas7e772QE5PA4h2wp O3E6h+HGC6X9N6848QpzjkjTU7K/EF66gB9a4lL77uvGVTiDdtMfoBtBTjRk2lrvOriFq2CFm lvaQzPSuMrt/+zR/dduvG7g7jBd2XtJYNNPAg9Eg+FnjBlSKFwOVah8hizJ187VdkdPBS4CDN PqDoZUK5mwAmctIzoswSf829mCTTL/w5FC97BoHAXswGhSft+v6SKrYab2SMa2vMgTusNAx7f 4TuiTTTN+ahQknLHMzZj2O+cfNA2fQySIAlIqOd8sU60q0VSqYy51D9+xRn67kKsJZFCtalJ6 C8KPDAc4pLttWExdlpKZxB6Ci/YvQ04ikrHi/9+IHMvp8z1RcEKDom0/qahXQr5KaEn7dvxQ3 BN1zK7pu2dh+0AcQkcNj2atJGugUBd81KctXhlyg2U5NwNF9wsZeHBdWw6ugGYD3An5KOagCk hP2NA1eyTLn1C/5LOTQZ0SbLYM/HRNkFgz0lgRAaetWzdCVxSaAYMyO2MEF2H4JTAWdC3d4nu p0ptqLND+NjtIdy3X88A30fQ4jLjDEoBLnsnS1uhXz9Z779l68jmfJeUfgsI/auosdJ00FTb/ MwoNl4hvgKsCL3TS7Q3JXZVPFeWV/Ze/kDB1yva9jX86x3GuZ9+gBrDPz7XVvVWY6Vyar1mX7 bTKTjitTI7w==
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/A4JjKEKve9zIvTiFLKIyPZnnEXg>
Subject: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 May 2019 19:29:17 -0000

Dear friends of OpenPGP,

regarding compution of v5 signatures we have the following lines
in section 5.2.4 of the current draft RFC 4880bis-06:

  "a eight-octet big-endian number that is the length of the
   hashed data from the Signature packet stopping right before the
   0x05, 0xff octets."

I am wondering why a number of eight-octet size is used here. The
biggest field, AFAIS i.e. the hashed subpacket data area, is limited
by the included two-octet hashed subpacket length. So why 64 bit?

--
Heiko