[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: more about the usefulness of PGP



make sure that you are protected from replay attacks.

a good idea would be to make the server to send cookies by request of
the remote user (you can limit the number of people to whom the server
sends cookies) and make sure that messages without the latest cookie
will NOT be executed.

igor

[email protected] wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Here's an idea that I always wanted to implement but never did
> yet.  I thought I'd share and if someone else has already done
> it let me have a copy.
> 
> 
> I should be able to execute scripts remotely by sending e-mail
> to an account.  Simple mail-handling scripts at that account
> should check the PGP signature (and timestamp/counter to prevent
> replay/delay attacks) and then pass the contents to a full
> script-language interpreter.
> 
> 
> Perl is a natural choice of interpreter.  Has anybody
> implemented this (hopefully complete with replay/delay 
> prevention)?
> 
> 
> Thanks!
> 
> Bryce
> 
> P.S.  No, actually I can't think of any good use for this
> trick.  But maybe if I had it I would find good uses for it.
> 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2i
> Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2
> 
> iQB1AwUBMd7FIEjbHy8sKZitAQHhRQMAmZoekRgmUKSYv89/QrkzRFdTUZLZHK8a
> tlaXLtyJXrOjajxJRVvXWY7Rum6mVXe/4eHTPCGzzWQdXMJB/TJSQeRmTuSiSd9i
> 0DtWcQSmP4q5AFor48NtNvqAOEonf5Vi
> =My90
> -----END PGP SIGNATURE-----
> 



	- Igor.