From: Derek Atkins <warlord@MIT.EDU>
To: perry@imsi.com
Message Hash: b720ad49381a9ed04073e6621fb1b6a032951c393d0e0cbf8a3097720cc59a7f
Message ID: <9502102135.AA08054@josquin.media.mit.edu>
Reply To: <9502102118.AA15581@snark.imsi.com>
UTC Datetime: 1995-02-10 21:36:08 UTC
Raw Date: Fri, 10 Feb 95 13:36:08 PST
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 13:36:08 PST
To: perry@imsi.com
Subject: Re: why pgp sucks
In-Reply-To: <9502102118.AA15581@snark.imsi.com>
Message-ID: <9502102135.AA08054@josquin.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain
> Unfortunately, the current PGP practice of using only numeric key-ids
> in message packets makes it hard to do this -- sigh. I hope that
> the next version of PGP changes this.
I doubt PGP will change this in the near future. That would require a
major packet format change, and would not be anywhere near backwards
compatible.
I dont consider this to be a big problem. If you limit key lookups in
the database to be lookup on userID only, that solves your database
problem. As for the keyID->userID, well, this would only be required
to _verify_ a signature. In that case, you know who sent the message
to you so you can ask them for the key. When you want to encrypt to
someone, you already know to whom you want to encrypt, so the same
thing applies.
I don't see the problem!
-derek
PS: I should state that I know what problem you are trying to solve,
and I'm saying that there are other workarounds to get around the
problem.
Return to February 1995
Return to “Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>”