On 2002-01-25 at 13:51 +0000, Philip Hazel wrote:
> RFC 2822 messages are defined in terms of lines, but different OS use
> different ways of terminating lines. Some use CR, some use LF, some use
> CRLF, and some use none of the above. So if you want to do hash
> operations, you had better do them on the data in the lines, excluding
> the terminating characters (if any).
Which pre-supposes that the line-terminators are insignificant.
There's an RFC which encourages taking the hash over the message with
all line-termination set to CRLF first.
Ahah, found RFC 3156, "MIME Security with OpenPGP", Proposed Standard:
When the OpenPGP digital signature is generated:
(1) The data to be signed MUST first be converted to its content-
type specific canonical form. For text/plain, this means
conversion to an appropriate character set and conversion of
line endings to the canonical <CR><LF> sequence.
[... many other pieces of advice ...]
--
Axiom #3: "Sturgeon's Law (90% of everything is crap) applies to Usenet."
Corollary #5: "In an unmoderated newsgroup, no one can agree on what
constitutes the 10%." Corollary #6: "Nothing guarantees that the 10% isn't
crap, too." -- Gene Spafford