1996-01-16 - Re: A weakness in PGP signatures, and a suggested solution (long)

Header Data

From: ckey2@eng.ua.edu (Christopher R. Key)
To: N/A
Message Hash: ca613b44fb614edf9bd417daaf493de237c4fcddc28cb2b92c944fda4a07e6b0
Message ID: <1996Jan11.152134.127675@ua1ix.ua.edu>
Reply To: <199601030407.UAA12551@comsec.com>
UTC Datetime: 1996-01-16 20:10:39 UTC
Raw Date: Wed, 17 Jan 1996 04:10:39 +0800

Raw message

From: ckey2@eng.ua.edu (Christopher R. Key)
Date: Wed, 17 Jan 1996 04:10:39 +0800
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
In-Reply-To: <199601030407.UAA12551@comsec.com>
Message-ID: <1996Jan11.152134.127675@ua1ix.ua.edu>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.ULT.3.91.960110182255.18692H-100000@xdm011>, Jeffrey Goldberg <cc047@Cranfield.ac.uk> says:

{SNIP}
>I have omitted the other scenarios for reasons of space.  All of
>them are based on the fact that information about the intended
>recipient (including newsgroup) is not part of the information signed.
>
>I proposal is made for a mechanism to have some header information
>signed as well.
>
{SUPER-SNIP}
First of all, if the recipient is a newsgroup, why would that particular
information need to be part of the signed information?  If you post to a
newsgroup a message that is only signed (as opposed to encrypted also), 
then you are obviously not worried about who reads it.  The signature is 
only a method of proving that the important text (message) is unchanged and
intact, and that the person who it is supposed to be from is the same who 
signed it.

Secondly, if you are sending email to some one and sign it using pgp, wouldn't
that person need pgp to prove that in fact you did sign it?  Then it can be
reasonable that if that person has pgp to prove the signature, that person has
pgp to decrypt mail sent to them.  Simply sign you message and encrypt it 
using that person's public key.  All of this (from what I remember reading)
is in the pgp manual, and is one of the key methods for using public key 
encryption.

So if all that needs be done to a message to insure that the appropriate 
person reads it is encrypt it using their public key, why does pgp (or one
of the pgp interfaces) need to be changed to include header information?  
I think it just includes more well already.  "If it ain't broke, don't fix
it."

"That's all Ah've got to say about that."





Thread