secure sign & encrypt

Robert J. Hansen rjhansen at
Wed May 22 19:54:01 CEST 2002

> In other words, your threat model says that you do not only trust the
> sender (signer) of a message, but you trust all people who may get
> signed messages from that sender. (Or, alternatively, you as the

No.  Please don't make assumptions about my threat model, especially ones 
which are subtly and seriously wrong.

The `exploit' you're concerned about isn't an exploit at all, except 
insofar as to say the weakest point of any cryptosystem is in the 
ignorance of its users.  Even in the worst-case scenario, all you can say 
is that it only affects people who don't bother to learn the cryptosystem 
they're using.  And there is absolutely nothing which can protect people 
from their own ignorance.  Trying to do so is a fool's errand.

Although I'm not a core GPG hacker (my work is limited to a C++ binding 
for GPGME) and thus my opinion has just about as much weight as your 
average Slashdot reader's, I would be extremely displeased to see GnuPG 
chase after an ephemeral exploit and, in the process, break RFC.

More information about the Gnupg-devel mailing list