Using notations on data signatures
David Shaw
dshaw at jabberwocky.com
Tue Feb 5 15:42:16 CET 2008
On Tue, Feb 05, 2008 at 02:29:01PM +0000, Phil Brooke wrote:
> Hi,
>
> I'm a bit confused about --sig-notation. Suppose I detach-sign a file; is it
> reasonable to use notations to briefly comment on it? e.g.,
> --sig-notation user at some.domain="This loan application is approved."
> (Not dealing with loans really, but needed some example....)
Yes, that is a reasonable use of a notation. Notations (and
especially user notations) are basically the escape hatch in the
OpenPGP design: they're intended for adding stuff to signatures. What
stuff if up to the adder.
See also --sig-policy-url for another, but more standard, way to add
information about a signature.
> Is the notation part of the signed data (whereas the comment headers aren't)
> so that tampering with the notation is evident?
Yes.
David
More information about the Gnupg-users
mailing list