[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A weakness in PGP signatures, and a suggested solution (long)



>>>>> Christopher R Key <[email protected]> writes:

 > First of all, if the recipient is a newsgroup, why
 > would that particular information need to be part of the signed
 > information?

E.g. if I post some Emacs-worshipping to alt.religion.emacs --- fine.
But if someone forwards this to some serious comp.editor group, maybe
some people don't understand the jokes...

Only one example why it can be neccessarry to include the context
(e.g. the recipient) into the signature.


 > If you post to a newsgroup a message that is only
 > signed (as opposed to encrypted also), then you are obviously not
 > worried about who reads it.

The question is not if I care who reads it.  The question is in which
context (i.e. in which newsgroup) someone reads it.

 > The signature is only a method of
 > proving that the important text (message) is unchanged and intact,
 > and that the person who it is supposed to be from is the same who
 > signed it.

Probably many people don't make this destinction between the message
and the context.  And additionally: I can only proove that someone
forwarded my message to a wrong context, when the context is signed,
too.

Sure, I can include context-information manually, but when we want as
many people as possible using strong-crypto, it should be as
fool-proof as possible.

Therefore I think it would be a good idea to include the context into
the signature.



 > Secondly, if you are sending email to some one and sign it using
 > pgp, wouldn't that person need pgp to prove that in fact you did
 > sign it?  Then it can be reasonable that if that person has pgp to
 > prove the signature, that person has pgp to decrypt mail sent to
 > them.  Simply sign you message and encrypt it using that person's
 > public key.
{SNIP}

Then the receipient decrypts the message, encrypts it under another
person's public-key and forwards it to them.  And so the context has
changed, while my signature is still valid.....


Have a nice day!

Michael Deindl
--


DISCLAIMER: My oppinions are my own, not those of my employer IBM.