Recipient inconstistence: flaw in OpenPGP
Thomas Roessler
roessler at does-not-exist.org
Fri Aug 17 12:27:02 CEST 2001
On 2001-08-17 08:58:41 +0200, Disastry at saiknes.lv wrote:
>there is no way for recipient to be sure that the same message was
>sent/encrypted to other recipients or not anyway.
[...]
>I think this in flaw in OpenPGP. It could be solved by adding some
>special Recipients packet into encrypted message part.
Against what attack are you trying to defend, precisely?
Of course, you could make sure that a recipient list is included
with the encryption envelope, is signed, and is thereby protected
from alteration in transit.
However, this certainly won't prevent the sender(!) from adding fake
recipients to this list. There is no way you can ensure on the
OpenPGP layer that a message was indeed sent to a set of recipients
indicated inside that message. In order to prove this, you'd need
signed receipt confirmations.
--
Thomas Roessler http://log.does-not-exist.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 492 bytes
Desc: not available
Url : /pipermail/attachments/20010817/c702c1a6/attachment.bin
More information about the Gnupg-devel
mailing list