Rick Campbell writes:
P.S. I have an alpha version of a program which may be of interest to technomads: it automatically executes scripts received by email from a remote machine and then mails back the results. The scripts (shell
...
Does your mechanism do anything to prevent replay attacks?
Rick
Alan apparrently forwarded my message from technomads to cypherpunks, but since I'm on cypherpunks too, I got this message. Anyway, yes it does have a simple replay attack prevention mechanism. It keeps track of the most recent time and date stamp from the PGP signature info and refuses to executed any message that doesn't have a stamp more recent than previously executed script. This simple mechanism can cause unwanted rejection if scripts are received out of order, but multiple scripts can be batched into a single message to help overcome this. See the following URL for a discussion of known limitations and security concerns with emscrypt: http://www.bmen.tulane.edu/~carpente/emscrypt/emscrypt_doc.html#limits --Matt -- mcarpent@mailhost.tcs.tulane.edu PGP mail preferred, finger for public key.