simpler proposal for 1pa3pc: ship 3pc as hashed embedded signature subpackets in self-sig
While reading I was wondering about the following line:
The third-party certification MUST have an unhashed subpacket of type Embedded Signature
Is there any reason (that I have missed) to put the embedded signature into the unhashed subpacket area and not the hashed one?
Edited by Daniel Kahn Gillmor