Fwd: crypto flaw in secure mail standards
Anthony E. Greene
Mon Jun 25 17:22:01 2001
On Mon, 25 Jun 2001, David Shaw wrote:
>After reading the paper, I was thinking about a different way to
>address the problem: encrypt the clear signature.
But how would that stop Bob from misusing that sig later? Using the
example of the cancelled deal, Bob could still decrypt the sig and the
document (if necessary) and send the whole package to Charlie to lead
Charlie to believe that Alice had canceled the Alice/Charlie deal.
Anthony E. Greene <firstname.lastname@example.org> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05 MSN: te_greene
Linux. The choice of a GNU Generation. <http://www.linux.org/>