Documentation: make clear that detached signatures are preferred
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	thesamesam
	Mon, Dec 29, 5:34 PM

Description

In the FAQ at https://www.gnupg.org/faq/gnupg-faq.html#generate_inline_signature, it says:

An inline signature wraps a textual header and footer around the text to be signed, leaving the text readable without running GnuPG. This doesn’t conceal the text at all and therefore provides no secrecy, but if someone edits the text GnuPG will report that the signature is bad.

It should be updated to make clear this should be avoided if possible, and detached signatures are preferable (T7902 etc).

Related Objects

Mentioned Here: T7902: OpenPGP Cleartext Signature Framework

Event Timeline

https://www.gnupg.org/gph/en/manual/x135.html could benefit from the same treatment under "Clearsigned documents".

thesamesam renamed this task from FAQ: make clear that detached signatures are preferred to Documentation: make clear that detached signatures are preferred.Mon, Dec 29, 5:35 PM

thesamesam updated the task description. (Show Details)

Documentation: make clear that detached signatures are preferredOpen, Needs TriagePublicActions

Description

Related Objects

Event Timeline

Documentation: make clear that detached signatures are preferred
Open, Needs TriagePublic
Actions