RE: secure sign & encrypt
Terje Braaten <Terje.Braaten@concept.fr> Mon, 20 May 2002 23:43 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA21742 for <openpgp-archive@odin.ietf.org>; Mon, 20 May 2002 19:43:08 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g4KNYDI16475 for ietf-openpgp-bks; Mon, 20 May 2002 16:34:13 -0700 (PDT)
Received: from csexch.Conceptfr.net (mail.concept-agresso.com [194.250.222.1]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4KNYBL16471 for <ietf-openpgp@imc.org>; Mon, 20 May 2002 16:34:11 -0700 (PDT)
Received: by csexch.Conceptfr.net with Internet Mail Service (5.5.2653.19) id <L27XBPRJ>; Tue, 21 May 2002 01:31:47 +0200
Message-ID: <1F4F2D8ADFFCD411819300B0D0AA862E29ABE3@csexch.Conceptfr.net>
From: Terje Braaten <Terje.Braaten@concept.fr>
To: "'ietf-openpgp@imc.org'" <ietf-openpgp@imc.org>
Subject: RE: secure sign & encrypt
Date: Tue, 21 May 2002 01:31:47 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id g4KNYCL16472
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 8bit
Well, it is not only to add a new packet, but also add to the user programs a check that if the packet is present in the signature, the signature block should come from decrypting a message with one the expected keys. Clear signed messages should pose no user problems, because the users generally understands that such the cryptographic software will not give any confirmation of the origin of the message. The problem is that most users when they decrypt a message that is signed, they will think they can be sure the signer and the encrypter is the same person/entity. It would be a major improvement in the OpenPGP specification to allow applications to ensure that that really is the case. Have you read the link http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html I really think it addresses a real problem. -- Terje BrĂ¥ten -----Original Message----- From: Hal Finney [mailto:hal@finney.org] Sent: 21. mai 2002 00:12 To: ietf-openpgp@imc.org; Terje.Braaten@concept.fr Subject: Re: secure sign & encrypt There was quite a bit of discussion about this last year on the cryptography mailing list. I thought Jon Callas' message was good, pointing out the wider ramifications of this kind of "failure": http://www.mit.edu:8008/bloom-picayune/crypto/8891. It is really not clear that solving it is as simple as adding a new packet. There are still other ways that things can go wrong, such as simply redirecting a clear-signed message. The fundamental problem is that people don't understand what is protected and what isn't in a signed mail message. Hal
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten