[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A weakness in PGP signatures, and a suggested solution
- To: [email protected]
- Subject: Re: A weakness in PGP signatures, and a suggested solution
- From: [email protected] (Dr. Dimitri Vulis)
- Date: Wed, 17 Jan 96 19:12:24 EST
- Comments: #include <standard.disclaimer> || echo '+' >$HOME/.rhosts
- In-Reply-To: <[email protected]>
- Organization: Brighton Beach Boardwalk BBS, Forest Hills, N.Y.
- Sender: [email protected]
"Brian C. Lane" <[email protected]> writes:
> > > In article <Pine.ULT.3.91.960110182255.18692H-100000@xdm011>, Jeffrey Gol
> >
> > But then the recipient has a PGP-signed message from you which
> > isn't encrypted (using pgp -d). That person could then impersonate
> > you. Eg Alice the jilted lover could resend the goodbye message
> > with forged headers to Bob's new girlfriend to get back at him.
>
> Ah ha! Now I understand what this argument has been all about. This
> is not a flaw with PGP, but with the software doing the signing. It
> should/could add a line with a time and date stamp inside the
> signature envelope, or Bob could add more information, making the
> message more specific.
>
> I don't think PGP needs to be 'fixed', but the signing software
> does.
I think a two-fold fix would be welcome;
1. The signing software needs to copy these headers within the body in
a standard way. I think I've seen a couple of such hacks already.
That's a welcome idea.
2. When PGP verified the signature, it should have an option to look outside
the signed portion for RFC 822 headers and compare them to the signed copy
of he headers inside. If this is not in PGP, then then function would have to
be done by some non-portable wrapper.
(Of course, if your headers aren't RFC 822, you're out of luck.)
(As someone pointed out, PGP already time-stamps the signature.)
---
<a href="mailto:[email protected]">Dr. Dimitri Vulis</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps