GPG PGP S/Mime vulnerability

Julia A. Case
Thu Aug 9 14:35:02 2001

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Quoting Anthony E. Greene (

> I think he means the From, To, Date, and Subject headers, all of which are
> known to the mail client at the time of composition. If mail clients
> inserted this data into the message before calling PGP, that would be an
> automated solution to the problem, assuming these headers had enough
> specific information to be of any help.
I'm still to sure this would work well, I mean do you require that the=20 From: address match one of the addresses in the signing key? The=20 previously indicated methods of making sure you don't sign ambigous mails= =20 seems the better choice. Julia --=20 [ Julia Anne Case ] [ Ships are safe inside the harbor, ] [Programmer at large] [ but is that what ships are really for. ] [ Admining Linux ] [ To thine own self be true. ] [ Windows/WindowsNT ] [ Fair is where you take your cows to be judged. ] --GvXjxJ+pjyke8COw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see iD8DBQE7coMX4HhEM0IT+S4RAvTxAJ0RsUrHyAWKNckgBhfavlryb9ZQjACfXJ+u 64kxRMIEf38v0QEVdeCkGZA= =MJ7I -----END PGP SIGNATURE----- --GvXjxJ+pjyke8COw--