Recipient inconstistence: flaw in OpenPGP

Disastry at saiknes.lv Disastry at saiknes.lv
Fri Aug 17 11:17:02 CEST 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On Fri Aug 17 09:26:01 2001 Werner Koch write:
> > I think this in flaw in OpenPGP.
> > I could be solved by adding some special Recipients packet
> > into encrypted message part.
> 
> Encryption and Signatures are two different things.

yes...
but did I said something about signatures?
I was talking about encrypted messages,
but this applies to encrypted and signed messages too.

>  This is what the
> Davis paper is about and has been discussed here in lengths.

ok.. I did reread it,
this is different case (however similar somewhat)
and it has nothing to do with signatures.


== <EOF> ==
Disastry  http://i.am/disastry/
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
 ^--GPG for Win32 (supports loadable modules and IDEA)
 ^---PGP 2.6.3ia-multi04 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
     AES, 3DES ciphers and MD5, SHA1, RIPEMD160 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1

iQA/AwUBO3y1wTBaTVEuJQxkEQODhwCgsnTDOu4LsRxJmeZ5udCSdW2GllAAoKOG
h81vGYr73C1PinsaNew0BNEP
=YDeq
-----END PGP SIGNATURE-----




More information about the Gnupg-devel mailing list