Re: Anybody know details about Schneier's "flaw"?

pgut001@cs.auckland.ac.nz (Peter Gutmann) Tue, 20 August 2002 02:20 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA20847 for <openpgp-archive@lists.ietf.org>; Mon, 19 Aug 2002 22:20:56 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g7K29e709945 for ietf-openpgp-bks; Mon, 19 Aug 2002 19:09:40 -0700 (PDT)
Received: from hermes.cs.auckland.ac.nz (hermes.cs.auckland.ac.nz [130.216.35.151]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g7K29b209938 for <ietf-openpgp@imc.org>; Mon, 19 Aug 2002 19:09:38 -0700 (PDT)
Received: from ruru.cs.auckland.ac.nz (ruru-nfs.cs.auckland.ac.nz [130.216.35.12]) by hermes.cs.auckland.ac.nz (8.12.4/8.12.4) with ESMTP id g7K29Z8W026274; Tue, 20 Aug 2002 14:09:35 +1200
Received: (from pgut001@localhost) by ruru.cs.auckland.ac.nz (8.9.3/8.8.6/cs-slave) id OAA259250; Tue, 20 Aug 2002 14:09:34 +1200 (NZST) (sender pgut001@cs.auckland.ac.nz)
Date: Tue, 20 Aug 2002 14:09:34 +1200 (NZST)
Message-ID: <200208200209.OAA259250@ruru.cs.auckland.ac.nz>
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: david.hopwood@zetnet.co.uk, ietf-openpgp@imc.org
Subject: Re: Anybody know details about Schneier's "flaw"?
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

David Hopwood <david.hopwood@zetnet.co.uk> writes:

>What on earth does this attack have to do with sending millions of messages?

The point was that, like the Bleichenbacher attack on email, there are a large
list of far more serious problems to worry about than something like this.
However, as someone else has pointed out, this isn't the right forum to
discuss them.  Shall we take it to cypherpunks perhaps?

Peter.