1993-09-04 - RE: PGP features

Header Data

From: albertson@attmail.com (Todd Albertson )
To: cypherpunks@toad.com
Message Hash: 7feb46013c41375ccb0b8d7eb075770c3e0b1bb4a89c66afb1a1825f20263eac
Message ID: <9309040406.AA23747@toad.com>
Reply To: N/A
UTC Datetime: 1993-09-04 04:07:17 UTC
Raw Date: Fri, 3 Sep 93 21:07:17 PDT

Raw message

From: albertson@attmail.com (Todd  Albertson )
Date: Fri, 3 Sep 93 21:07:17 PDT
To: cypherpunks@toad.com
Subject: RE: PGP features
Message-ID: <9309040406.AA23747@toad.com>
MIME-Version: 1.0
Content-Type: text


My feature list for PGP are simplier.   I just want an integration of
 PGP into a commercial email package (such as Microsoft Mail or Lotus'
 CC Mail).  It can't be that hard to do - can it?
----------
From: Edgar W. Swank
To: Cypherpunks
Subject: PGP features
Date: Fri, Sep 3, 1993 11:46AM

Brad Huntting recently posted:

    Perhaps it's time we polished the edges, added a few of the features
    that are lacking, and wrote up up an RFC for the PGP message format.

    Some features I'd like to see in PGP are:

I've added my comments [with these full margins] as appropriate.

            The ability to send an encrypted message to multiple
            recipients without duplicating the entire message.  The
            most logical way to do this would probably be to encrypt
            the random IDEA key once for each recipient.

??? This has been implemented in PGP since at least release 2.2.
(Maybe 2.1, memory fails).  Just specify multiple UserID fragments in
the command line when encrypting. Note that if you don't specify a
UserID in the command line, you -cannot- enter multiple ID's in the
resulting prompt. This is in the -h help text:

To encrypt a message for any number of multiple recipients:
     pgp -e textfile userid1 userid2 userid3

            There needs to be a facility for having multiple signatures
            on a single document without making the signers sign each
            others signatures.  Besides the obvious application of
            removing a signature from a document, this would also
            facilitate things like petitions where many people could
            asynchronously sign a single document, and latter assemble
            all the signatures together.

This can be done via detached signature certificates, which can be
gathered together and presented with the original document.

To create a signature certificate that is detached from the document:
     pgp -sb textfile [-u your_userid]

            It should be possible (though certainly not mandatory) to
            hide the recipient's identity entirely.

Not currently implemented, but being discussed. You can acheive much
the same effect by using a another key-pair with a pseudonym in the
UserID, to be distributed only through remailers or otherwise
anonymously.

            The message format needs to allow for alternate forms of
            encryption (besides IDEA).  Furthermore, the (shared key)
            algorithm used to encrypt a message should be hidden in
            the RSA encrypted part of the message along with the shared
            key.  Ideally, a list of algorithms could be given which
            would allow the message to be optionally compressed before
            being encrypted, or encrypted two or more times with
            different algorithms.

Not implemented, but has been mentioned.  Triple-DES is one possible
alternative.  You can achieve multiple IDEA encryption by just using
current PGP to encrypt twice (or more).  Even if you encrypt to the
same public key, the IDEA key used will be different.

Compression can currently be turned off, if desired, via a CONFIG.TXT
option, which can also be specified in the command line. Compression
is also automatically turned off if the plaintext is recognized as the
output of PKZIP or other popular compressors.

    If I'm confused and the PGP message format already supports some
    of these features, please correct me.

Consider yourself corrected (:}

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005  Cupertino, Ca






Thread