1996-01-10 - Re: A weakness in PGP signatures, and a suggested solution (long)

Header Data

From: david@sternlight.com (David Sternlight)
To: N/A
Message Hash: 234802022861fd9aeb58139c4d2c192abdb3f8617598388d6f8e5bd624fee80f
Message ID: <david-0901961101110001@lax-ca23-19.ix.netcom.com>
Reply To: <199601030407.UAA12551@comsec.com>
UTC Datetime: 1996-01-10 21:26:59 UTC
Raw Date: Thu, 11 Jan 1996 05:26:59 +0800

Raw message

From: david@sternlight.com (David Sternlight)
Date: Thu, 11 Jan 1996 05:26:59 +0800
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
In-Reply-To: <199601030407.UAA12551@comsec.com>
Message-ID: <david-0901961101110001@lax-ca23-19.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

In article <199601030407.UAA12551@comsec.com>, dlv@bwalk.dm.com (Dr.
Dimitri Vulis) wrote:

>I've been engaged in a lively debate with a few members of the cypherpunks
>mailing list about forgeries that are hard to repudiate even if PGP signatures
>are used. One of the participants suggested that I post a summary to
>alt.privacy.pgp and sci.crypt, which is just what I'm doing.

<long comment that signed messages don't include the headers, omitted>

Although I do not disagree with the poster, and it may be useful to
include headers in the encryption (though care must be taken in verifying
them if the routing process adds anything), the lesson here is really a
different and important one than the writer's idea of encrypting headers.

It is that signed messages en clair are a)unencrypted to a specific
recipient, b) anyone may "validate" such a message, and c) "BEGIN PGP
"END PGP SIGNATURE" mean exactly what they say--only the delimited matter
is authenticated. Thus if one is writing to Carol to break off a
relationship, one had better include "Dear Carol" in the message text, and
if you are in relationship with more than one Carol, or expect to be, the
date and other particularizing info as well.

By the way, if Bob is sending unencrypted e-mail to Carol about the
details of their relationship for reasons other than public witness, he
has more than spoofed headers to worry about. It's his own head, er, that
needs scrutiny. :-)