[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A weakness in PGP signatures, and a suggested solution (long)

To: [email protected]
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
From: "E. ALLEN SMITH" <[email protected]>
Date: Tue, 16 Jan 1996 19:29 EDT
Cc: [email protected]
Sender: [email protected]

From: [email protected] (Christopher R. Key)

>First of all, if the recipient is a newsgroup, why would that particular
information need to be part of the signed information?  If you post to a
newsgroup a message that is only signed (as opposed to encrypted also), 
then you are obviously not worried about who reads it.  The signature is 
only a method of proving that the important text (message) is unchanged and
intact, and that the person who it is supposed to be from is the same who 
signed it.
--------------
     How about proving that you _weren't_ spamming? I.e., an enemy spots a
message on a newsgroup from you with a signature, then duplicates it with
header modifications on 500 newsgroups including news.admin.net-abuse.misc
(to add insult to injury). Sorry if a bunch of other people have pointed this
out by the time my message gets to toad.com, but...
     -Allen

Prev by Date: A Modest Proposal: Fattening up the Proles
Next by Date: remarkable recent stories
Prev by thread: Re: A weakness in PGP signatures, and a suggested solution (long)
Next by thread: Re: A weakness in PGP signatures, and a suggested solution (long)
Index(es):
- Date
- Thread