Recipient inconstistence: flaw in OpenPGP
Disastry@saiknes.lv
Disastry@saiknes.lv
Fri Aug 17 10:17:02 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
On Fri Aug 17 09:26:01 2001 Werner Koch write:
> > I think this in flaw in OpenPGP.
> > I could be solved by adding some special Recipients packet
> > into encrypted message part.
>
> Encryption and Signatures are two different things.
yes...
but did I said something about signatures?
I was talking about encrypted messages,
but this applies to encrypted and signed messages too.
> This is what the
> Davis paper is about and has been discussed here in lengths.
ok.. I did reread it,
this is different case (however similar somewhat)
and it has nothing to do with signatures.
== <EOF> ==
Disastry http://i.am/disastry/
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
^--GPG for Win32 (supports loadable modules and IDEA)
^---PGP 2.6.3ia-multi04 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
AES, 3DES ciphers and MD5, SHA1, RIPEMD160 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1
iQA/AwUBO3y1wTBaTVEuJQxkEQODhwCgsnTDOu4LsRxJmeZ5udCSdW2GllAAoKOG
h81vGYr73C1PinsaNew0BNEP
=YDeq
-----END PGP SIGNATURE-----