Re: secure sign & encrypt

Jon Callas <jon@callas.org> Wed, 22 May 2002 19:20 UTC

User-Agent: Microsoft-Entourage/10.0.0.1331
Date: Wed, 22 May 2002 12:09:47 -0700
Subject: Re: secure sign & encrypt
From: Jon Callas <jon@callas.org>
To: Terje Braaten <Terje.Braaten@concept.fr>, OpenPGP <ietf-openpgp@imc.org>
Message-ID: <B9113B0B.36FA%jon@callas.org>
In-Reply-To: <1F4F2D8ADFFCD411819300B0D0AA862E29ABEA@csexch.Conceptfr.net>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

Hal posted a pointer to my comments on this from last year. I'll weigh in
again.

I think this is an issue with semantics. You can't solve semantic problems
with added syntax, no matter how much syntax you add.

Furthermore, there are risks with this, too. You can still perform a
redirection attack on a targeted signature. Suppose Alice is trying to do a
business deal with both Bob and Charlie, and trying to get the best price.
If Bob sends Charlie a signed message that is targeted to him, it can be
more embarrassing than if the signature were untargeted. I'm really sorry,
but if you send a private message to someone who puts it on their web page,
you might be irked by this.

One of the things that I try to keep an eye out for is traffic analysis. I
think it is a feature of OpenPGP that it puts the signatures inside the
envelope, because if they're outside the envelope, you have
cryptographically assisted traffic analysis. Targeting in signatures also
assists traffic analysis, and users who don't understand that signing
low-context messages is a bad idea aren't going to understand traffic
analysis issues.

Lastly, if you really, really want to do this, there is already support in
the OpenPGP protocol for it! This is one of the myriad things notations are
good for. Software can make a signature with a human-readable notation in it
that is boilerplate. It could say, "Created on <date> by <source> for
<target>." There's your targeting, just convince some implementer to do it.
Just don't make me use it, thanks. I'll have even less reason to sign
things.

    Jon
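
The notation approach described in the message above, as an added example that is not part of the original post or of any OpenPGP implementation: it encodes and parses a human-readable Notation Data signature subpacket (type 20, layout as in RFC 4880 section 5.2.3.16) carrying the boilerplate sentence. The notation name `target@example.org` and the function names are hypothetical; the notation is only covered by the signature when the subpacket sits in the hashed subpacket area.

```python
import struct

NOTATION = 20          # signature subpacket type: Notation Data
HUMAN_READABLE = 0x80  # first of the four flag octets: value is text

def encode_notation(name, value, critical=False):
    """Build one Notation Data subpacket for a signature's hashed area."""
    if "@" not in name:
        raise ValueError("user-defined notation names look like tag@domain")
    n, v = name.encode("utf-8"), value.encode("utf-8")
    if len(n) > 0xFFFF or len(v) > 0xFFFF:
        raise ValueError("name and value lengths are 16-bit fields")
    body = bytes([HUMAN_READABLE, 0, 0, 0]) + struct.pack(">HH", len(n), len(v)) + n + v
    length = 1 + len(body)  # the subpacket length counts the type octet
    if length < 192:
        header = bytes([length])
    elif length < 16320:
        header = struct.pack(">H", length - 192 + 0xC000)
    else:
        header = b"\xff" + struct.pack(">I", length)
    return header + bytes([NOTATION | (0x80 if critical else 0)]) + body

def decode_notation(sub):
    """Parse one subpacket; return (name, value, critical) or raise ValueError."""
    try:
        if sub[0] < 192:
            length, off = sub[0], 1
        elif sub[0] < 255:
            length, off = ((sub[0] - 192) << 8) + sub[1] + 192, 2
        else:
            length, off = struct.unpack(">I", sub[1:5])[0], 5
        kind = sub[off]
        nlen, vlen = struct.unpack(">HH", sub[off + 5:off + 9])
    except (IndexError, struct.error):
        raise ValueError("truncated subpacket") from None
    if off + length != len(sub) or length != 9 + nlen + vlen:
        raise ValueError("length fields disagree")
    if kind & 0x7F != NOTATION:
        raise ValueError("not a notation subpacket")
    if not sub[off + 1] & HUMAN_READABLE:
        raise ValueError("notation value is not text")
    start = off + 9
    return (sub[start:start + nlen].decode("utf-8"),
            sub[start + nlen:].decode("utf-8"), bool(kind & 0x80))

def targeting_notation(date, source, target):
    # Boilerplate wording from the message; the notation name is hypothetical.
    text = f"Created on {date} by {source} for {target}."
    return encode_notation("target@example.org", text)
```

A verifier that does not recognise a notation marked critical must treat the signature as invalid, so `critical=False` keeps such signatures verifiable by software that ignores the targeting text.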