EICS proposal
greg@turnstep.com
greg@turnstep.com
Mon Feb 3 17:29:01 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've been wrestling around with the problem of representing external
information inside of a signed email message, and would like
feedback on a possible solution. The problem is that I can sign
the content of this message, but cannot easily sign other information
associated with it, such as the fact that I sent it to the gnupg-users
list, the email address I sent it from, and the subject line I used.
The solution I came up with is to use a standardized checksum and
a small code within the signed message that a mail program can use to
verify the external information. This message has such a code: if you
generate a SHA1 checksum on the "From", "To", and "Subject" line of
this email, it should match the code below. Full details:
http://www.gtsm.com/eics.html
- --
Greg Sabino Mullane greg@turnstep.com
PGP Key: 0x14964AC8 200302031117
EICS-H: def4da47787cc6aa42e41b5acabe151fc72b76dd
-----BEGIN PGP SIGNATURE-----
Comment: http://www.turnstep.com/pgp.html
iD8DBQE+PpiYvJuQZxSWSsgRArsIAKDKvJ9SJfBQcszIjJZ72338firtxwCfePR4
gz9nw6B3Wgvr6JFGwvuPP9Y=
=+gsi
-----END PGP SIGNATURE-----