[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A weakness in PGP signatures, and a suggested solution (long)

Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
From: [email protected] ((Michael Deindl))
Date: 16 Jan 1996 10:29:48 GMT
Apparently-To: [email protected]
In-Reply-To: [email protected]'s message of Thu, 11 Jan 1996 15:21:34 GMT
Newsgroups: netcraft.cypherpunks,alt.security.pgp,sci.crypt,mail.cypherpunks
Organization: IBM Deutschland Entwicklung --- Smard Card Solutions, SoftwareDevelopement
References: <[email protected]><Pine.ULT.3.91.960110182255.18692H-100000@xdm011><[email protected]>
Sender: [email protected]
Xref: hudson.lm.com alt.security.pgp:49759 sci.crypt:48146 mail.cypherpunks:24606

>>>>> Christopher R Key <[email protected]> writes:

 > First of all, if the recipient is a newsgroup, why
 > would that particular information need to be part of the signed
 > information?

E.g. if I post some Emacs-worshipping to alt.religion.emacs --- fine.
But if someone forwards this to some serious comp.editor group, maybe
some people don't understand the jokes...

Only one example why it can be neccessarry to include the context
(e.g. the recipient) into the signature.

 > If you post to a newsgroup a message that is only
 > signed (as opposed to encrypted also), then you are obviously not
 > worried about who reads it.

The question is not if I care who reads it.  The question is in which
context (i.e. in which newsgroup) someone reads it.

 > The signature is only a method of
 > proving that the important text (message) is unchanged and intact,
 > and that the person who it is supposed to be from is the same who
 > signed it.

Probably many people don't make this destinction between the message
and the context.  And additionally: I can only proove that someone
forwarded my message to a wrong context, when the context is signed,
too.

Sure, I can include context-information manually, but when we want as
many people as possible using strong-crypto, it should be as
fool-proof as possible.

Therefore I think it would be a good idea to include the context into
the signature.

 > Secondly, if you are sending email to some one and sign it using
 > pgp, wouldn't that person need pgp to prove that in fact you did
 > sign it?  Then it can be reasonable that if that person has pgp to
 > prove the signature, that person has pgp to decrypt mail sent to
 > them.  Simply sign you message and encrypt it using that person's
 > public key.
{SNIP}

Then the receipient decrypts the message, encrypts it under another
person's public-key and forwards it to them.  And so the context has
changed, while my signature is still valid.....

Have a nice day!

Michael Deindl
--

DISCLAIMER: My oppinions are my own, not those of my employer IBM.

References:
- Re: A weakness in PGP signatures, and a suggested solution (long)
  - From: Jeffrey Goldberg <[email protected]>
- Re: A weakness in PGP signatures, and a suggested solution (long)
  - From: [email protected] (Christopher R. Key)

Prev by Date: Re: CryptoAPI and export question
Next by Date: Re: Microsoft's CAPI
Prev by thread: Re: A weakness in PGP signatures, and a suggested solution (long)
Next by thread: Re: A weakness in PGP signatures, and a suggested solution (long)
Index(es):
- Date
- Thread