Fwd: crypto flaw in secure mail standards
Don Davis
dtd@world.std.com
Mon Jun 25 05:01:01 2001
> The suggested fix to make the inner signature somehow tied to the
> outer encryption layer would indeed fix the problem, but it does
> create other interesting issues. As things stand now, a signed
> document does not have any notion of who it was signed for. The
> suggested fix would change that so a document would essentially be
> signed "for" somebody. Presumably implementations would keep the
> ability to sign without tying it to a particular destination key for
> those cases where signing a document for a particular receipent is not
> appropriate.
hi, mr. shaw --
actually, my paper only recommends signing a recipient-list,
when the message is to be encrypted, too. as you point out,
to force every signed message to include a recipient-list,
would defeat the purpose of many signed messages.
- don davis, boston
-