[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Only accepting e-mail from known parties
> On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
>
> > As I keep pointing out, pgp-signing the body is not enough.
>
> You're wrong.
He's right.
> You can setup Procmail to detect if something is signed
> with PGP, and if it is, to run a script which determines
> the authenticity of the signature. If the signature is
> not authentic, the message goes to /dev/null. That way,
> even if Carol is using intercepted messages from Bob, Carol's
> messages won't be accepted or seen.
Ok. If I want to get my email ad for the Ronco turnip-twaddler past a filter
like that, all I need to do is to create a PGP key with
a user name that's the same as one that the victim already
receives.
i.e. if I know that [email protected] exchanges email with [email protected], then
I just create a PGP key with the name "[email protected]", and sign
the turnip-twaddler ad with that. It'd have a valid signature, and
one coming from Joe's friend phred. Mail accepted.
In addition to checking for a valid signature, the filtering software
would have to also check the PGP key id of the key used. It would
also need to make sure that there is ONLY PGP-signed content in the
mail. Otherwise Mallet could grab an innocuous mail message that
Phred signed and included it at the bottom of the turnip-twaddler ad.
It wouldn't make sense (although that might be usual with Phred), but it'd
contain a valid signature from Phred, and therefore get the ad
past the filter.
I'm sure there's other caveats, these are just the ones I can think of now.
I wish all Cypherpunks a Merry Christmas. I hope Santa brought you
all something nice, like a fast new stream cipher, a new key exchange
protocol, or maybe a note from the Fedz saying that ITAR has been lifted.
--
Eric Murray [email protected] [email protected] http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF