Standard weakness: surreptitious forwarding
Thu Jun 6 20:31:02 2002
0. Source of information
I was pointed to this information by subscribers to the enigmail mailing
1. surreptitious forwarding means:
a recipient B may change a received message from sender A so that he can
forward it to another recipient C leting C suppose he is the intended
2. Short explanation for the weakness of sign than encrypt:
1st think of sign as the signing of a letter/paper written with a pen.
The encrypting is the same as putting the letter in an envelope. B may
change the envelope a send/forward the letter to C confuseing him/her.
3. Short explanation for the weakness of encrypt than sign:
B receives a letter with a signed envelope. He opens the envelope and
puts another letter in it with a different message.
*Defective Sign & Encrypt in S/MIME, **PKCS#7, MOSS, PEM, PGP, and XML:*
Archive of ietf-openpgp, by date