I think you are fine if the odds of corrupting the message are less than the odds of getting hit by a a falling meteor while running the program. In general there is little point in making any one part of the system many orders of magnitude more reliable than any other part. -Lance On Wed, 8 Nov 1995, Raph Levien wrote:
Point well taken.
I'm seriously considering completely disabling the PGP comment feature when invoked from premail. In fact, that's what the new code does right now.
On an unrelated topic... cypherpunks like to count bits, right? What is the correct number of pseudorandom bits to use in a MIME multipart separator? If the data has a line which matches the separator, the message is corrupted. Of course, if you can take multiple passes through the data, you can simply verify that it does not contain a line which matches the separator. But if you're restricted to a single pass, then the only way to do it is to use a randomly generated separator. I figure that 128 bits should _definitely_ be enough (that's what is in the new premail code now). Even 64 bits should ensure that it is unlikely that anyone will ever experience message corruption over the expected lifetime of premail. However, it makes me nervous. What do people think?
Raph
---------------------------------------------------------- Lance Cottrell loki@obscura.com PGP 2.6 key available by finger or server. Mixmaster, the next generation remailer, is now available! http://obscura.com/~loki/Welcome.html or FTP to obscura.com "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche ----------------------------------------------------------