[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: why pgp sucks

To: [email protected]
Subject: Re: why pgp sucks
From: Hal <[email protected]>
Date: Sat, 11 Feb 1995 09:09:53 -0800
References: <[email protected]>
Sender: [email protected]

[email protected] (Al Thompson) writes:
>I would prefer that PGP would not give out ANY info about addressees.  It 
>would seem to me that it is quite a security breach to have PGP dutifully 
>tell you to whom it is addressed.  

PGP could be hacked fairly easily to do this (in fact there is a
program around called stealth that does this to some extent), however
in the context of this discussion we were discussing more the issue of
checking the signature on a file.  For that we do need a hint about
whose signature purports to be there.  PGP presently provides this in
the form of the low-order 64 bits of the key modulus, and this provides
problems in implementing the key database in distributed form.

Hal

References:
- Re: why pgp sucks
  - From: [email protected] (Al Thompson)

Prev by Date: Forwarded mail....
Next by Date: Re: S314 and potential hell-raising
Prev by thread: Re: why pgp sucks
Next by thread: Re: West (was:HR830 - Anyone tracking this?)
Index(es):
- Date
- Thread