GPG support in Mahogany
Tue Dec 10 18:39:17 2002
On Sun, 8 Dec 2002 20:07:31 +0100 "Janusz A. Urbanowiz" <email@example.com> wrote:
> On Tue, Dec 10, 2002 at 05:21:01PM +0100, Xavier Nodet wrote:
>> Of course, the originator is no more hidden, but this is not
>> necessarily bad.
> It is bad on the grounds of OpenPGP default threat model.
Could you point me to some document that describes this threat model,
please? I know I have much more to read than I already did.
> My question is: what do you want to prove (or prevent) with the
> sign-encrypt-sign model? What do you do with messages that look like you
> aren't the designated recipient, or worse you are visibly not their
> designated recipient. Throw away them for they are invalid?
Warn the user. I, as a developper of a mail client, do not want to
decide anything. But I do want to provide some information when it is
And please remember that I'm only considering the decrypt/verify
process. My objective is not at all to setup a way to send some
encrypted information, but to receive it in such a way that a user will
be warned when this is needed.
>> I'm speaking about the destinator decrypting first, then re-encrypting
>> for a third person.
> You want to detect it, prevent it, prove it or what?
I want to detect it.
I want to provide as much information as possible to the user, who is
not necessarily a crypto-expert. And I am just beginning to use GPG for
myself, just enough to understand that doing cryptography the right way
is not necessarily easy.
Maybe I am completely off here. Maybe the sign-and-encrypt feature of
GPG is fundamentally different than first signing, then encrypting. I'd
be glad to learn that.
> (your approach looks a lot similar to one 'PGP vulnerability' that
> gets widly announced every two years or so).
Do you consider <http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.ps>
to be part of those 'wildly announces'?
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." - Benjamin Franklin, 1759.