1996-01-14 - Re: A weakness in PGP signatures, and a suggested solution (long)

Header Data

From: galactus@stack.urc.tue.nl (Arnoud “Galactus” Engelfriet)
To: N/A
Message Hash: b8891d18a8c378f51526c3033ad34cca2bb516d636ea746ec7b632d9e48682f9
Message ID: <FIs9w4uYOdBC089yn@stack.urc.tue.nl>
Reply To: <199601030407.UAA12551@comsec.com>
UTC Datetime: 1996-01-14 21:49:19 UTC
Raw Date: Sun, 14 Jan 96 13:49:19 PST

Raw message

From: galactus@stack.urc.tue.nl (Arnoud "Galactus" Engelfriet)
Date: Sun, 14 Jan 96 13:49:19 PST
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
In-Reply-To: <199601030407.UAA12551@comsec.com>
Message-ID: <FIs9w4uYOdBC089yn@stack.urc.tue.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.ULT.3.91.960112020051.6769E-100000@Networking.Stanford.EDU>,
Rich Graves <llurch@Networking.Stanford.EDU> wrote:
> An easy short-term partial solution would be to modify mailcrypt, bap, or
> whatever front end you use to automatically put the current date and (a
> shortened form of) the To: or Newsgroups: header into the PGP signature
> Comments: line. 

That line can be clipped off by everyone, without even so much as a peep
from PGP.  Perhaps a better solution would be to copy the To:  and
Newsgroups: headers into the body of the message?

Galactus

- -- 
To find out more about PGP, send mail with HELP PGP in the SUBJECT line to me.
E-mail: galactus@stack.urc.tue.nl - Please PGP encrypt your mail if you can.
Finger galactus@turtle.stack.urc.tue.nl for public key (key ID 0x416A1A35).
Anonymity and privacy page: <http://www.stack.urc.tue.nl/~galactus/remailers/>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBMPbYTDyeOyxBaho1AQGtvAQA2bVrvx7Argv/MjjA7cOGpJNzV0AGg96J
PvOsknNKfUj9n/gRLDNlGeL+j8wcdpgpdv1h2udmL582nv1T6r/m1ZI6wxedDUvk
eGt+KpNKijXuTdXRTvdVV/Wxahk2/3TgoA0U40CZmm1s1Ckk506T1dkGkt19UsvO
/5sBQ/eKUhY=
=S/aM
-----END PGP SIGNATURE-----

Thread

• Return to January 1996

• Return to “ckey2@eng.ua.edu (Christopher R. Key)”
• Return to “david@sternlight.com (David Sternlight)”
• Return to “David Mazieres <dm@amsterdam.lcs.mit.edu>”
• Return to “dlv@bwalk.dm.com (Dr. Dimitri Vulis)”
• Return to “galactus@stack.urc.tue.nl (Arnoud “Galactus” Engelfriet)”
• Return to “Guy Geens <ggeens@elis.rug.ac.be>”
• Return to “Jeffrey Goldberg <cc047@Cranfield.ac.uk>”
• Return to “Jiri Baum <jirib@sweeney.cs.monash.edu.au>”
• Return to “mdeindl@vnet.ibm.com ((Michael Deindl))”
• Return to “Philippe VIJGHEN <phv@bim.be>”

• Return to “Rich Graves <llurch@Networking.Stanford.EDU>”

• 1996-01-03 (Wed, 3 Jan 1996 21:09:58 +0800) - A weakness in PGP signatures, and a suggested solution (long) - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
  • 1996-01-10 (Thu, 11 Jan 1996 05:26:59 +0800) - Re: A weakness in PGP signatures, and a suggested solution (long) - david@sternlight.com (David Sternlight)
  • 1996-01-10 (Wed, 10 Jan 96 15:04:45 PST) - Re: A weakness in PGP signatures, and a suggested solution (long) - Philippe VIJGHEN <phv@bim.be>
  • 1996-01-11 (Thu, 11 Jan 96 09:18:32 PST) - Re: A weakness in PGP signatures, and a suggested solution (long) - Jeffrey Goldberg <cc047@Cranfield.ac.uk>
  • 1996-01-13 (Fri, 12 Jan 96 18:52:41 PST) - Re: A weakness in PGP signatures, and a suggested solution (long) - Rich Graves <llurch@Networking.Stanford.EDU>
  • 1996-01-13 (Fri, 12 Jan 96 18:52:51 PST) - Re: A weakness in PGP signatures, and a suggested solution (long) - Guy Geens <ggeens@elis.rug.ac.be>
  • 1996-01-13 (Sun, 14 Jan 1996 03:46:30 +0800) - Re: A weakness in PGP signatures, and a suggested solution (long) - David Mazieres <dm@amsterdam.lcs.mit.edu>
  • 1996-01-14 (Sun, 14 Jan 96 13:49:19 PST) - Re: A weakness in PGP signatures, and a suggested solution (long) - galactus@stack.urc.tue.nl (Arnoud “Galactus” Engelfriet)
  • 1996-01-16 (Wed, 17 Jan 1996 04:10:39 +0800) - Re: A weakness in PGP signatures, and a suggested solution (long) - ckey2@eng.ua.edu (Christopher R. Key)
    • 1996-01-17 (Wed, 17 Jan 1996 08:52:07 +0800) - Re: A weakness in PGP signatures, and a suggested solution (long) - Jiri Baum <jirib@sweeney.cs.monash.edu.au>
  • 1996-01-18 (Thu, 18 Jan 1996 15:05:40 +0800) - Re: A weakness in PGP signatures, and a suggested solution (long) - mdeindl@vnet.ibm.com ((Michael Deindl))