-----BEGIN PGP SIGNED MESSAGE----- [ Whew! The list was strangely silent for about 18 hours here, and I was afraid that the news system upgrade had gone awry. ] In list.cypherpunks, klbarrus@owlnet.rice.edu writes:
Yes, the extra text is ignored. In fact, the remailer implemented this form of padding (however, it only padded messages shorter than 2K out to 2K). This isn't the best way to do padding since it is quite obvious that it is in fact padding. Hal Finney wrote some perl scripts which pad inside the pgp message (add random text without likewise updating the message length field; upon decryption the extra text is throw away) and this is a better approach.
How tough would that be to add to PGP itself? And would it deplete the random pool too much? Or could psuedo-random lengths of psuedo-random padding be as effective as real random padding? - -- Roy M. Silvernail -- roy@sendai.cybrspc.mn.org will do just fine, thanks. "Does that not fit in with your plans?" -- Mr Wiggen, of Ironside and Malone (Monty Python) PGP 2.3a public key available upon request (send yours) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLhONNBvikii9febJAQEfugP+Iw2bCJ86AfXkJeGGcpSFt6qrVqAQWwqd 5s4hZ1VUZzj8FF9u9GHMSPMtbmcuF5IcIF6dfARPbTcsF4zIKDZ+qgerMA3UckV1 y8QGDOtKGldSYP/b4uz7E7Keto9StFYjTMNH/tG2RUwdwyC3peFfAO7oh7zDjEYj T5Yr+2L07E0= =2Lxw -----END PGP SIGNATURE-----