Re: PGP Message Signatures on FAQs


Ian Jackson (
Wed, 11 Jan 95 03:00 GMT

James D. Murray writes ("PGP Message Signatures on FAQs"):
> With the January release of my FAQ I wish to include a PGP message
> signature for the typical reasons. When I ran my plain-text FAQ file
> through PGP a la:
> pgp -sat +clearsig=on <filename>
> I was not pleased to see that each 30 column long line of hyphens separating
> each entry (as speced by RFC 1153) had a space added at the second column,
> as in before:
> ------------------------------
> and after:
> - -----------------------------
> I realize why this is done, but I would like to know if 1) there is a way to
> keep PGP from modifying a text file in this way and, 2) will this modification
> screw up any readers/converters that require RFC 1153 format?

No, there isn't a way to keep PGP from doing this. You could manually
edit out the added `- ' characters yourself (with a sed script
perhaps), but then PGP wouldn't be able to check the signature on the
result any more. I suppose you could tell people to add them back,
but that's very nasty.

The extra characters will unfortunately probably do nasty things to
many readers and converters that expect RFC1153 or something similar.

It will certainly screw up any RFC934-based bursters, as PGP's
encapsulation for the lines of hyphens is the same as that in RFC934
for the division between sub-messages, making the whole thing appear
to be one sub-message.

> I notice this "feature" appears in the linux FAQ which is PGP message
> signed and RFC 1153 compliant.

The problem isn't too serious with the Linux FAQ wrt converters,
because I already generate all the required formats myself, so there's
no need to convert to anything else. (In particular, Tom Fine has the
URL for the official HTML version.)

I don't know how many newsreaders use RFC1153 or RFC934. rn's `^G'
feature to go to the next `Subject:' line wouldn't work anyway as the
question headings aren't `Subject:'.

The ASCII version of the FAQ on the FTP sites doesn't have the extra
hyphens (nor does it have the news headers).

BTW, RFC1153 says that the hyphens should be 70 characters for the
first divider, and then 30 thereafter. I use 77 before PGP, making 79
after PGP, so that the divisions fill the whole line.

Michelle Murrain writes ("Re: PGP Message Signatures on FAQs"):
> Can I ask what might seem a dumb question? I certainly understand the
> reasoning behind using PGP in individual, personal e-mail. Unless one is
> putting a public key for private responses to an FAQ (perhaps this is the
> reason), why else would one want to include a PGP message signature in
> an FAQ?

Well, only a few months ago a forged copy of my Linux FAQ was
accidentally posted. That's when I started signing it.

It's not a dumb question though.

> And yes, to spread the gospel of PGP.

Indeed, that too.

Besides, it makes the start of FAQ look more impressive :-).


[ Usenet Hypertext FAQ Archive | Search Mail Archive | Authors | Usenet ]
[ 1993 | 1994 | 1995 | 1996 | 1997 ]


© Copyright The Landfield Group, 1997
All rights reserved