Re: MessageID wording paranoia
William Lewis <wiml@omnigroup.com> Thu, 26 March 1998 03:26 UTC
Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id TAA05764 for ietf-open-pgp-bks; Wed, 25 Mar 1998 19:26:21 -0800 (PST)
Received: from ignem.omnigroup.com (ignem.omnigroup.com [198.151.161.40]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id TAA05760 for <ietf-open-pgp@imc.org>; Wed, 25 Mar 1998 19:26:20 -0800 (PST)
Received: from reason.omnigroup.com (reason [198.151.161.25]) by ignem.omnigroup.com (8.8.5/8.8.5) with SMTP id TAA11589; Wed, 25 Mar 1998 19:26:10 -0800 (GMT-0800)
Message-Id: <199803260326.TAA11589@ignem.omnigroup.com>
Received: by reason.omnigroup.com (NX5.67g/NX3.0X) id AA19526; Wed, 25 Mar 98 19:26:17 -0800
Content-Type: text/plain
Mime-Version: 1.0 (NeXT Mail 4.2mach v148)
X-Image-Url: http://www.omnigroup.com/People/wiml/i/garbage_man.tiff
In-Reply-To: <199803260117.UAA29524@users.invweb.net>
X-Nextstep-Mailer: Mail 4.2mach (Enhance 2.1)
Received: by NeXT.Mailer (1.148)
From: William Lewis <wiml@omnigroup.com>
Date: Wed, 25 Mar 1998 19:26:16 -0800
To: "William H. Geiger III" <whgiii@invweb.net>
Subject: Re: MessageID wording paranoia
Cc: Jon Callas <jon@pgp.com>, Thomas Roessler <roessler@guug.de>, ietf-open-pgp@imc.org
References: <199803260117.UAA29524@users.invweb.net>
X-Pgp-Keyid: 0x27F772C1
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
William H. Geiger III <whgiii@invweb.net> writes: > I had not thought of leaking key data this way. If the group feels this is > a real concern couldn't the same type of "leaking" be done with the > "boundary" in the MIME headers? Or with the session key or IV, or the padding of the key to the RSA modulus size, or the 'k' parameter of a DSS signature, or probably any number of subtler ways. Fields which by their nature must *not* be generated in an externally predictable way. I may be missing something here, but it seems to me that attempting to write this specification to completely disallow subliminal/covert channels is a fool's errand. It's already necessary that the PGP implementation be trusted. Adding requirements such as this one (specifying that the MessageID be externally verifiable) makes the spec more complicated and more difficult to implement, but doesn't actually increase security at all. Wim Lewis / wiml@omnigroup.com
- Re: MessageID wording paranoia Bill Stewart
- Re: More spec-ulations nospam-seesignature
- Conventional Encryption Keys, 5.3 nospam-seesignature
- Re: MessageID wording paranoia Jon Callas
- Re: More spec-ulations Jon Callas
- More spec-ulations - update nospam-seesignature
- Re: MessageID wording paranoia Thomas Roessler
- More spec-ulations nospam-seesignature
- Re: MessageID wording paranoia William Lewis
- Re: MessageID wording paranoia William H. Geiger III
- Re: MessageID wording paranoia Jon Callas
- Re: MessageID wording paranoia William H. Geiger III
- Re: MessageID wording paranoia Jon Callas
- Re: MessageID wording paranoia Hal Finney
- MessageID wording paranoia Thomas Roessler