[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: O.J. ObCrypto: Fuhrman's Folly Fans Fakery Fears...

To: Bill Stewart <[email protected]>
Subject: Re: O.J. ObCrypto: Fuhrman's Folly Fans Fakery Fears...
From: "Robert A. Rosenberg" <[email protected]>
Date: Sat, 2 Sep 1995 00:38:05 -0400
Cc: [email protected]
Sender: [email protected]

At 12:13 9/1/95, Bill Stewart wrote:
>>I do not think that PGP 2.x can easily (ie: Automatically) use one key for
>>Signing and another for Encrypting a Message (it does both at the same time
>>if you ask). If I "Clear Sign" a message and then Encrypt it, then I get
>>the result but I'm not sure if doing the decrypt on such a message will
>>automatically spot the signature and verify it (as would occur with a E+S
>>pass).
>
>PGP identifies the key for decryption and signature checking from the message.
>When you're signing a message or key, you can pick which of your keys to
>use with the -u option.

OK - I'll rephrase my query/quandary. If I create a message by feeding in
plain text and asking for an Encrypt and Sign is the FORMAT of the
resulting file different from one there I Sign the Text and then (in a
separate step/pass) Encrypt the Signed Message (IOW is E+S just a short cut
for the two processes done in sequence using the same key for both
operations)? If E+S is only a short-cut then doing the steps separately
will give the result that PGP3 will get automatically with its Separate
Function Keys Feature.

>The difficulty is getting people to use your
>encryption key instead of your signature key when encrypting stuff for you.
>Derek mentioned one approach (get people to load the encryption key first);
>unfortunately, you can't predict their behavior, and if you change encryption
>keys more often than signature keys, they'll load the newest encryption key
>last.
>Another approach is to identify them in the names - my key certification key
>says "KeyCert-only" in the text.
>
>For the problem that started this discussion, though, there's no good solution.
>Since the Bad Guys _can_ encrypt a message to you with your signature key,
>and send it to you by anonymous remailer, they can plant a reason to suspect
>that you may have evidence encrypted with that key.

This will all become (more) academic once PGP3 comes out and Sign-Only keys
would not be usable for Encryption.

Prev by Date: IETF security report
Next by Date: Re: SSL search attack
Prev by thread: Different Keys for Signing and Encrypting
Next by thread: Re: O.J. ObCrypto: Fuhrman's Folly Fans Fakery Fears...
Index(es):
- Date
- Thread