Clarify use of “Ed25519” in OpenPGP (!73) · Merge requests · openpgp-wg / rfc4880bis

jethrogb requested to merge jethrogb/rfc4880bis:ed25519-clarification into main Oct 12, 2021

Ed25519 specifies that an actual message, not a digest, should be used as the input to the signature function. This is not done in the example in Appendix A. Based on discussion in #48 (closed), !68 (merged) it appears this is intended. Therefore, in this MR: Unambiguously describe which EdDSA instantiation is used in OpenPGP, clarify how this is non-standard, and what the security implications are.

Actually fixes #31 (closed)

Refs #48 (closed), !68 (merged)

Admin message

Clarify use of “Ed25519” in OpenPGP

Merge request reports