[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Only accepting e-mail from known parties



 
 
> On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
> 
> > As I keep pointing out, pgp-signing the body is not enough.
> 
> 	You're wrong.

He's right.

> 	You can setup Procmail to detect if something is signed
> 	with PGP, and if it is, to run a script which determines
> 	the authenticity of the signature.  If the signature is
> 	not authentic, the message goes to /dev/null.  That way,
> 	even if Carol is using intercepted messages from Bob, Carol's
> 	messages won't be accepted or seen.

Ok.  If I want to get my email ad for the Ronco turnip-twaddler past a filter
like that, all I need to do is to create a PGP key with
a user name that's the same as one that the victim already
receives.

i.e. if I know that [email protected] exchanges email with [email protected], then
I just create a PGP key with the name "[email protected]", and sign
the turnip-twaddler ad with that.  It'd have a valid signature, and
one coming from Joe's friend phred.   Mail accepted.

In addition to checking for a valid signature, the filtering software
would have to also check the PGP key id of the key used.  It would
also need to make sure that there is ONLY PGP-signed content in the
mail.  Otherwise Mallet could grab an innocuous mail message that
Phred signed and included it at the bottom of the turnip-twaddler ad.
It wouldn't make sense (although that might be usual with Phred), but it'd
contain a valid signature from Phred, and therefore get the ad
past the filter.

I'm sure there's other caveats, these are just the ones I can think of now.



I wish all Cypherpunks a Merry Christmas.  I hope Santa brought you
all something nice, like a fast new stream cipher, a new key exchange
protocol, or maybe a note from the Fedz saying that ITAR has been lifted.
 

-- 
Eric Murray  [email protected]  [email protected]  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF