Re: PGP flaw found by Czech firm allows dig sig to be forged

A "vulnerability" that requires the opponent to have write access to your private key in order to exploit?

Okay. What was PGP's threat model again? I'd have sworn that this was squarely outside it.

Probably. Do you need only write access? What does that do for smart cards - if anything? -David