taming the wild pgp
I don't see a huge problem here with keys being added, unless someone starts sending the keyserver's databases to the remailers in an effort to crash them. I can only think of one way around it -- recompiling with the key-adding procedure commented out (at least for the version the remailer uses). If you need to add keys, use the version you've already compiled. Matt Thomlinson University of Washington, Seattle, Washington. phone: (206) 548-9804 Check my home page -- ftp://ftp.u.washington.edu/public/phantom/home.html PGP 2.2 key available via email, or finger phantom@hardy.u.washington.edu
Matt Thomlinson <phantom@u.washington.edu> wrote:
I can only think of one way around it -- recompiling with the key-adding procedure commented out (at least for the version the remailer uses). If you need to add keys, use the version you've already compiled.
Couldn't you just modify your remailer to search for the string "BEGIN PGP PUBLIC KEY BLOCK" and dump the message if it finds it? Or will PGP recognize if even if it doesn't have that header...? Anyway, PGP puts ID bytes at the beginning of its files, and in ascii-armor, public keys always begin with mQ and crypted messages begin with hE or hI. You could probably just dump the message if the first line of the ASCII-armoring began with mQ...
participants (2)
-
Matt Thomlinson -
Matthew J Ghio