PGP Comment feature weakens remailer security
Patrick J. LoPresti
patl at catfish.lcs.mit.edu
Wed Nov 8 16:43:27 PST 1995
-----BEGIN PGP SIGNED MESSAGE-----
bill.stewart> So, for safety, either turn off PGP comments before
bill.stewart> using it with remailers, or wipe out the comments by
bill.stewart> hand before each layer of encryption (easy to do with
bill.stewart> GUI-based systems like Private Idaho; I don't know if
bill.stewart> premail lets you do this or not.)
Incidentally, Mailcrypt's remailer support strips the comment field
after each encryption, and has done so since version 3.2.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
iQCVAwUBMKEmVHr7ES8bepftAQEPSgP9FJYeKUSZKyFN/VWIwLjKIaDVzPtzyqHR
tbj1UqbDl1trrKCoV6uud5qfK/FQwqQylnv1YsYNIVPPav66ImUvgSaXUMvZJBvC
8vinQI66s3M1PBJ8VIaLuVtay826JDazGHEexHpDLwNVGLdJq0RrNLVr2H9oLA8g
5aE9MHVfAcM=
=MdHQ
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list