Recipient inconstistence: flaw in OpenPGP

Disastry@saiknes.lv Disastry@saiknes.lv
Fri Aug 17 10:17:02 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On Fri Aug 17 09:26:01 2001 Werner Koch write:

> > I think this in flaw in OpenPGP.
> > I could be solved by adding some special Recipients packet
> > into encrypted message part.
>
> Encryption and Signatures are two different things.
yes... but did I said something about signatures? I was talking about encrypted messages, but this applies to encrypted and signed messages too.
> This is what the
> Davis paper is about and has been discussed here in lengths.
ok.. I did reread it, this is different case (however similar somewhat) and it has nothing to do with signatures. == <EOF> == Disastry http://i.am/disastry/ http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon ^--GPG for Win32 (supports loadable modules and IDEA) ^---PGP 2.6.3ia-multi04 (supports IDEA, CAST5, BLOWFISH, TWOFISH, AES, 3DES ciphers and MD5, SHA1, RIPEMD160 hashes) -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1 iQA/AwUBO3y1wTBaTVEuJQxkEQODhwCgsnTDOu4LsRxJmeZ5udCSdW2GllAAoKOG h81vGYr73C1PinsaNew0BNEP =YDeq -----END PGP SIGNATURE-----