RE: secure sign & encrypt
Terje Braaten <Terje.Braaten@concept.fr> Thu, 23 May 2002 13:24 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA09303 for <openpgp-archive@odin.ietf.org>; Thu, 23 May 2002 09:24:37 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g4NDAFP29858 for ietf-openpgp-bks; Thu, 23 May 2002 06:10:15 -0700 (PDT)
Received: from csexch.Conceptfr.net (mail.concept-agresso.com [194.250.222.1]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4NDACL29854 for <ietf-openpgp@imc.org>; Thu, 23 May 2002 06:10:12 -0700 (PDT)
Received: by csexch.Conceptfr.net with Internet Mail Service (5.5.2653.19) id <LPCP1MH0>; Thu, 23 May 2002 15:07:39 +0200
Message-ID: <1F4F2D8ADFFCD411819300B0D0AA862E29ABF0@csexch.Conceptfr.net>
From: Terje Braaten <Terje.Braaten@concept.fr>
To: ietf-openpgp@imc.org
Subject: RE: secure sign & encrypt
Date: Thu, 23 May 2002 15:07:38 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id g4NDADL29855
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 8bit
Dominikus Scherkl <mailto:Dominikus.Scherkl@glueckkanja.com> wrote: > I see no other way than "encrypt, sign and encrypt" (ESE) > to archive all cyptografic goals which seems inportant to me: Yes that is one of the five methods Don Davis wrote about as a solution in http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html I agree with you that SES is not a good solution because it leaves the signature unprotected at the outer layer. The method I have suggested is to sign the recipient's name into the message, as this avoids another costly encryption. Unfortunately this is very disturbing to those that think sign and encrypt must and should be independent layers in the protocol. But I think there should be possible to open up for certain exceptions to this layer thinking when security needs demands it. -- Terje BrĂ¥ten
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten