RE: secure sign & encrypt
"Hal Finney" <hal@finney.org> Wed, 22 May 2002 17:27 UTC
Date: Wed, 22 May 2002 10:09:03 -0700
From: Hal Finney <hal@finney.org>
Message-Id: <200205221709.g4MH93R12841@finney.org>
To: ietf-openpgp@imc.org, Terje.Braaten@concept.fr
Subject: RE: secure sign & encrypt
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
The problem is that this sign-and-encrypt issue is just the tip of the iceberg. It is not worth redoing the protocol when there are these other issues that will remain unresolved.

First, as mentioned before there is still the chance of confusion if a clearsigned message is misdirected. Most people will assume that if they get an email from someone who PGP signed it, that the email was directed towards them. The PGP signature will add weight and authority to this misconception. Fixing the sign and encrypt problem won't help with this.

Second, there are other issues than sender/recipient which people may assume implicitly are being protected by PGP. This could include message subject and possibly other header fields. People will often assume a certain context in interpreting a message based on this data. If someone gets an email from their boss with the subject "Smithers account" and the content tells them to "cancel the account immediately", the subject line is crucially important in interpreting the message. PGP does not protect this data, but users may not understand this.

I read the paper and closely followed the extensive discussion on the cryptography list when this came out last year. In my opinion the consensus among the professionals on that list was that, properly understood, there is more to this than a protocol flaw that can be easily patched. It represents a fundamental property of encrypted email. Some data is protected and some is not.

The real solution is to put the entire email, headers and all, into the signed envelope, and then for the receiving software to compare the protected headers with those on the actual message. This will detect substitution of from/to lines as well as other changes, and will work for both signed and signed+encrypted messages. We do have data structures to support this via PGP/MIME and the Message/rfc822 MIME type.

However actually implementing this functionality is difficult as it requires close integration with the email software. In practice, probably only email software providers would be in a position to provide this level of functionality.

Hal
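The receiving-side header comparison Hal describes, as an added example that is not code from the post or from any OpenPGP implementation: the signed envelope is modelled as a message/rfc822 part carrying the sender's original message (the OpenPGP signature over it is assumed to have been verified already), and its protected From/To/Subject headers are checked against the outer message's; the address normalisation and the sample message are my own constructions.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import getaddresses
from typing import Dict, Optional, Tuple

# Headers a reader relies on when interpreting a message (those named in the post).
PROTECTED_HEADERS = ("From", "To", "Subject")

def _normalize(name: str, value: Optional[str]) -> str:
    """Canonical form so display-name, case and whitespace differences do not count."""
    if value is None:
        return ""
    if name in ("From", "To"):
        return ",".join(sorted(a.lower() for _, a in getaddresses([value])))
    return " ".join(value.split())

def header_mismatches(outer: EmailMessage, inner: EmailMessage) -> Dict[str, Tuple[str, str]]:
    """Map header name -> (protected value, outer value) for every header that differs."""
    bad = {}
    for name in PROTECTED_HEADERS:
        if _normalize(name, inner.get(name)) != _normalize(name, outer.get(name)):
            bad[name] = (str(inner.get(name, "")), str(outer.get(name, "")))
    return bad

def check_message(raw: bytes) -> Dict[str, Tuple[str, str]]:
    """Find the signed message/rfc822 part and report protected headers the outer copy changed."""
    outer = email.message_from_bytes(raw, policy=policy.default)
    for part in outer.walk():  # walk() yields the outer message itself first
        if part.get_content_type() == "message/rfc822":
            return header_mismatches(outer, part.get_payload(0))
    raise ValueError("no protected message/rfc822 part found")

# Constructed sample: the signed inner message went to Alice about the
# "Smithers account"; the outer copy was re-addressed to Bob with a new subject.
SAMPLE = b"""From: Boss <boss@example.com>
To: Bob <bob@example.com>
Subject: Jones account
Content-Type: message/rfc822

From: Boss <boss@example.com>
To: Alice <alice@example.com>
Subject: Smithers account
Content-Type: text/plain

Cancel the account immediately.
"""
```

A mail client would refuse to display the outer From/To/Subject, or flag them, whenever `check_message` returns a non-empty dict.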