[cryptography] Is it just me or is this fundamentally broken?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Mar 4 18:42:37 EST 2013

Quoting http://xmpp.org/extensions/xep-0027.html#signing:

  Signing enables a sender to verify that they sent a certain block of text.
  [...] The text that is signed MAY be the empty string.

(There's no metadata or anything there, just a raw signature).


More information about the cryptography mailing list