[Webfunds-devel] [Fwd: Re: keys]

Jeroen C. van Gelderen jeroen@vangelderen.org
Thu, 31 Aug 2000 19:04:24 -0400


Ian Grigg wrote:
> 
> Ian Grigg wrote:
> 
> >                             Name: DigiGold_AUG_2000.asc
> >    DigiGold_AUG_2000.asc    Type: application/x-unknown-content-type-PGP
> >                         Encoding: base64
> 
> Oops, that wasn't meant to be forwarded, it isn't "official" yet,
> and even though signed, doesn't have accounts and money behind it.
> 
> I'll let you know when it starts being a 'valuable' contract rather
> than a test contract.  For interest sake, I see the hash as being
> 0ca5fd82.
> 
> We really need a convenient sha1 program in FreeBSD, just like md5 :)
> One could write it in Java but that would be so clumsy ...
> 
> BTW, from memory, the canonical hash rules we have established are:
> 
>    * from BEGIN to END lines, inclusive, excluding other lines
>    * space-trimmed at end (same as cleartext sig)
>    * _all_ lines terminated with \r\n (almost the same as sig)
>    * hash is undefined by this format, but can be tweaked in
>      local file, or assumed by application.  We assume SHA1.
> 
> The salient difference with the signature rules is that we
> do not drop the last \r\n.  That's a zimmerism that I wasn't
> prepared to punish any programmer with ;)

Unless I'm missing something...

I would suggest that the hash used is exactly the same 
hash that is signed by PGP. I.e. follow the OpenPGP rules
exactly. 

If we don't we'll end up with a contract hash that does not 
represent what the Issuer signed for. I.e. the OpenPGP 
signature is calculated over the contract without trailing
CR/LF whereas our hash is calculated over the contract 
with CR/LF.

Additionally this would cause a problem where two contract
hashes are considered to be different (i.e. different 
contracts) but OpenPGP would consider them to be the same
and both valid.

If someone were to mutilate an existing contract by adding
in the spurious newline, it would still look like a valid
contract but the hash wouldn't be correct. I can feel a 
support headache coming up already ;-)

I'm not sure why you wouldn't strip of the trailing CR/LF.
Enlighten me please! In any case, should we 'upgrade' to 
an XML format it wouldn't make a difference as the 
</contract> tag would denote the end of a contract 
unambiguously.

I basically think that details like this are probably not 
what you want to try and explain to a judge and that's
why I think following the OpenPGP signature rules could
-despite some braindamage- be a better solution than not
doing so...

Which negotiation bit did I miss here? ;-/

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
jeroen@vangelderen.org  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_