Re: C : how to export raw YUV to a file ?
From: Michael Wojcik (mwojcik_at_newsguy.com)
Date: 10/08/04
- Next message: Michael Wojcik: "Re: improving execution speed of a program"
- Previous message: Paul Lutus: "Re: Help - string length question in C"
- In reply to: Arthur J. O'Dwyer: "Re: C : how to export raw YUV to a file ?"
- Next in thread: Arthur J. O'Dwyer: "Ugly PGP signatures, was re: C : how to export raw YUV to a file ?"
- Reply: Arthur J. O'Dwyer: "Ugly PGP signatures, was re: C : how to export raw YUV to a file ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 8 Oct 2004 17:36:43 GMT
In article <Pine.LNX.4.60-041.0410061740120.26909@unix45.andrew.cmu.edu>, "Arthur J. O'Dwyer" <ajo@nospam.andrew.cmu.edu> writes:
>
> On Wed, 6 Oct 2004, Michael Wojcik wrote:
>
> Aha. This makes a lot of sense now. And I suppose transfer agents
> are also allowed to rewrite the message body in subtle ways, such as
> adding or deleting blank-line prefixes and/or suffixes? Otherwise,
> PGP could simply add a header that would contain the signature of the
> message body, ignoring all other headers, and it would be fine.
PGP could just as easily convert the message to a canonical form that
included removing leading and trailing whitespace before signing or
verifying, so I don't think that would make a difference, actually.
> (Re: the suggestion that the sender might only want to sign part of
> a message body, I can't think of any situations where the inability
> to not-sign some part of a message you're sending anyway would be any
> kind of disadvantage. If you don't want people to be sure you said it,
> why are you putting it in a message with things you /do/ want to be
> unambiguously associated with?)
Being able to specify the boundaries of the signed message is useful
for a variety of protocols, such as attaching multiple signatures,
especially if not all of the signing parties are signing the entire
message. Remember that PGP is intended for more applications than
simple Usenet and plain-text email, so some of its features that may
appear unnecessary in those environments may required for other uses.
Consider the situation where you want to forward a signed message to
another party, with your comments. You'd like the recipient to be
able to verify the original author's signature. (Maybe your comments
are also signed by you; that's irrelevant to this argument.) Your
recipient has to know where the portion signed by the original author
begins and ends in order to verify that signature.
Moreover, explicitly specifying the signed content adds flexibility
at minimal cost, so why not do it?
> > The signature data itself could be placed in a header, but why
> > bother? It appears after the message, where it's arguably easier to
> > ignore than a header would be anyway.
>
> Um... not in any client I'm familiar with. Does your client show
> you all the message headers by default?
No, but there are clients which do so. And there are clients which
initially download only the headers; putting the signature in the
message body saves on their bandwidth and storage requirements. And
sometimes I look at messages using netcat or telnet - generally
because I'm debugging an NTTP server or configuration, but maybe I'll
have the urge to read news that way one of these days. :-)
> > If you want a user agent that hides signature delimiters and data,
> > just write one or adapt an existing one. You're using Pine? How
> > hard could it be to patch it to hide the signature stuff?
>
> Fairly hard to write a patch for a program I've never examined before,
> on a shared system where I have very limited storage space. Probably
> very hard to install a patched binary on a shared system where I am not
> one of the Inner Circle. :)
Sorry, I assumed you were using a shell account and could just run
binaries you wrote (an NTTP client doesn't need any special
privileges). (Were that the case, I continue to believe that you
could patch Pine pretty quickly, were you so inclined. It's a
relatively straightforward program, albeit written in pre-ANSI C and
full of Crispinisms. I just downloaded and glanced at the code and I
could pretty well guess where I might insert such a hack. But I
realize this sort of thing isn't everyone's cup of tea, and in your
situation apparently not an option anyway.)
> FWIW, I also agree with the poster who said that PGP signatures on
> Usenet posts are kind of silly anyway... but I'm ambivalent, since I
> do like the idea of signatures in general, and it would be silly of me
> to discourage people from using them altogether when really I think
> everyone will be using them In The Future[tm].
Yes, it is a bit of chicken-and-egg, isn't it. Everyone's whining
about forged email, and people like Bill Gates are thumping their
chests over half-baked "solutions" to it, while we've had the real
fix for years - but most people either can't be bothered to use it,
or don't understand it, and their ISPs aren't making it easy for
them. (Yes, web-of-trust has problems, and certificates signed by
commercial CAs cost money - but those are solvable, and they're much
smaller problems than forged email.)
Maybe we should all just start submitting patches to our favorite
user agents that make them handle signatures (signing, verification,
and - the issue that started this subthread - display) more
gracefully, to improve the infrastructure. That might reduce some of
the resistance to signing in the first place. I don't know, though;
I don't like to bet on sensible behavior from computer users.
-- Michael Wojcik michael.wojcik@microfocus.com There are many definitions of what art is, but what I am convinced art is not is self-expression. If I have an experience, it is not important because it is mine. It is important because it's worth writing about for other people, worth sharing with other people. That is what gives it validity. (Auden)
- Next message: Michael Wojcik: "Re: improving execution speed of a program"
- Previous message: Paul Lutus: "Re: Help - string length question in C"
- In reply to: Arthur J. O'Dwyer: "Re: C : how to export raw YUV to a file ?"
- Next in thread: Arthur J. O'Dwyer: "Ugly PGP signatures, was re: C : how to export raw YUV to a file ?"
- Reply: Arthur J. O'Dwyer: "Ugly PGP signatures, was re: C : how to export raw YUV to a file ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
