1995-11-09 - Re: PGP Comment feature weakens remailer security

Header Data

From: NetSurfer <netsurf@pixi.com>
To: anonymous-remailer@shell.portal.com
Message Hash: 7458f321e140f2429d57cab1274a6ba9a8c25f4b699ac782765be91d03314ad7
Message ID: <Pine.SUN.3.91.951108054335.22856D-100000@akamai.pixi.com>
Reply To: <199511080454.UAA05765@jobe.shell.portal.com>
UTC Datetime: 1995-11-09 00:54:31 UTC
Raw Date: Thu, 9 Nov 1995 08:54:31 +0800

Raw message

From: NetSurfer <netsurf@pixi.com>
Date: Thu, 9 Nov 1995 08:54:31 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951108054335.22856D-100000@akamai.pixi.com>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 7 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> to protect the privacy of communications.  PGP can bite you.
> The PGP comment feature lets you stick one (or more?) lines of comment
> into your encrypted messages, after the Version: line but before the
> encrypted message body.  If you use the PGP comment feature to say something

---- 8< snip

> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.7.1
> Comment: PGP available outside U.S.A. at ftp.ox.ac.uk
> 

You are using Viacrypt PGP, which has a release out which fixes the 
comment "feature" - contact them for an upgrade.

This was fixed in the freeware version some time ago as well.

-NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |     finger for full PGP key        >
 "  " / \ " |Honolulu, HI  96830    |====================================>
\"  "/ G \" |Serendipitous Solutions|    http://www.pixi.com/~netsurf   >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>






Thread