-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 3/4/13 4:42 PM, Peter Gutmann wrote: > Quoting http://xmpp.org/extensions/xep-0027.html#signing: > > Signing enables a sender to verify that they sent a certain block > of text. [...] The text that is signed MAY be the empty string. > > (There's no metadata or anything there, just a raw signature).
No one uses XEP-0027 these days, they all use OTR. The PGP integration with XMPP clients was an early experiment in the Jabber community before we even called it XMPP. Think 13+ years ago. But clients never signed empty strings, although we never fixed the spec because no one was using the technology. I'll push to make the spec Obsolete. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRNUldAAoJEOoGpJErxa2pTEIQAIGMstyjlTE1v4pX8IyXxF0j 9TkcIqPKvJmUwM+SRC5cFic/FarOATXezkJPypxwjvscmcGmVKxMVDBT1PAjssnM kjJFLSU6f93ujySIS/BEfGbV5KbjTSOwqAvhiORYpQ5Mt2Cl9h/kIvfElBf7zDbf Bgt8gRT4fGQwYaEMNJH+0eBbvFuvRMYbyh8J/lD9sbCEmcXAFYfS6WxfSAEb2Zrm lefAKYlHP+t6gzXJHrCFGG4JPNP8k37nwDsIp/SW4d/VOu3HYjZAd8Xe1y+hpKZM lETcDM7HBCr0hGs3OSh9K/qmlkV8vvShROf0+khZvdeXiuuUuWuhjmnhG9urqt2S uHUOUv1q0BnnScDOT4VQJ31pdOdb3iJ5JedlgYJijV26JO94Ams3TadTIQfPoRa4 uzByU7E8lCtcwd6+tBoGLr+9S8spESsmRj3OAOsQuPUl1nOrjEO1rWbQE/e3HXgp dUfFZKIQGwrJRFK9MsR2JQVPKGwsi3Y7BdqsqkKx9ozAoWu3LRuqBdeEgT0eTlb6 st1tMCNGsZtk8ZUFeXYhmbGRJJPfcRotPom3r564tvBTCM/m0bu7VIuJaS24Mu4U GnRCIHxZiLY5yBL7EVCqabdUihLmLiYaF/Nu/VgikaxDv+IXyKoe+qYiWj6ppyN1 W0xarAcz2tF8RSYoGWZy =mfUh -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
