Fwd: crypto flaw in secure mail standards
Sat Jun 23 18:42:02 2001
On Sat, Jun 23, 2001 at 04:49:45PM +0200, Werner Koch wrote:
> || On Sat, 23 Jun 2001 15:15:08 +0200
> || Ingo Kl=F6cker <firstname.lastname@example.org> wrote:=20
> ik> The following message was forwarded to the KMail mailing list. Now=
> ik> wonder if the second scenario is possible with PGP/GnuPG, i.e. is =
> ik> possible to extract the clear signed message(+signature packet) fr=
> ik> encrypted&signed message and then re-encrypt the clear signed mess=
> Yes, but it does not matter.
> According to the abstract the paper has a serious flaw. It assumes
> that signing end encryption addresses one problem. But it does not.
> Signing and encryption are 2 entirely different things.=20
And isn't there another problem: There's an information when the
signature was created - what if I take the mail "The deal is off."
that maybe was signed one month before the deal was made?
Stefan Berthold <email@example.com>
Zivilist in Lauerstellung
nicht nur heute unter zahnlosen W=F6lfen
FAX/VoiceBox: +49 1212 5 107 47 007