Recipient inconstistence: flaw in OpenPGP

[Thomas Roessler]

--r5Pyd7+fXNt84Ff3
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2001-08-17 08:58:41 +0200, Disastry@saiknes.lv wrote:

>there is no way for recipient to be sure that the same message was=20
>sent/encrypted to other recipients or not anyway.

[...]

>I think this in flaw in OpenPGP. It could be solved by adding some=20
>special Recipients packet into encrypted message part.

Against what attack are you trying to defend, precisely?

Of course, you could make sure that a recipient list is included=20
with the encryption envelope, is signed, and is thereby protected=20
from alteration in transit.

However, this certainly won't prevent the sender(!) from adding fake=20
recipients to this list.  There is no way you can ensure on the=20
OpenPGP layer that a message was indeed sent to a set of recipients=20
indicated inside that message.  In order to prove this, you'd need=20
signed receipt confirmations.

--=20
Thomas Roessler                        http://log.does-not-exist.org/

--r5Pyd7+fXNt84Ff3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iQEVAwUBO3ziodImKUTOasbBAQIX0Qf/cRfKPRWmOfPcaxJWYw3U12Br90o2Cm1/
0FbjvKMCZBP14Yg6tzHm9R9U+C9omuqhdeWJw0LXpTEkkoytLKvpJGftNqrqGnUo
D5StrLYp8htO9/npWk8wsD73Elyptc8UDdKg/5F89TzNgmPSMEpozA/bMdfm+QT5
YLRpmYHO7+yQqeSEDHCWtyOEeAScKusCyWiWdUUbZz5W14q50QyPF1yvuDtmRzEQ
g8x6woGloqqPvxJm+PdmIwLGIgBG6lkVVGNTWR9gaBWuJwX9GzL3rVECXhcUcjvJ
qbFrhbmUSDQSP/OETv74kE88kVDiyFGQitKbVxqLCbnx4PFZWm6PXQ==
=OcPN
-----END PGP SIGNATURE-----

--r5Pyd7+fXNt84Ff3--