A weakness in PGP signatures, and a suggested solution (long)
Arnoud "Galactus" Engelfriet
galactus at stack.urc.tue.nl
Sun Jan 14 13:49:19 PST 1996
-----BEGIN PGP SIGNED MESSAGE-----
In article <Pine.ULT.3.91.960112020051.6769E-100000 at Networking.Stanford.EDU>,
Rich Graves <llurch at Networking.Stanford.EDU> wrote:
> An easy short-term partial solution would be to modify mailcrypt, bap, or
> whatever front end you use to automatically put the current date and (a
> shortened form of) the To: or Newsgroups: header into the PGP signature
> Comments: line.
That line can be clipped off by everyone, without even so much as a peep
from PGP. Perhaps a better solution would be to copy the To: and
Newsgroups: headers into the body of the message?
Galactus
- --
To find out more about PGP, send mail with HELP PGP in the SUBJECT line to me.
E-mail: galactus at stack.urc.tue.nl - Please PGP encrypt your mail if you can.
Finger galactus at turtle.stack.urc.tue.nl for public key (key ID 0x416A1A35).
Anonymity and privacy page: <http://www.stack.urc.tue.nl/~galactus/remailers/>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAgUBMPbYTDyeOyxBaho1AQGtvAQA2bVrvx7Argv/MjjA7cOGpJNzV0AGg96J
PvOsknNKfUj9n/gRLDNlGeL+j8wcdpgpdv1h2udmL582nv1T6r/m1ZI6wxedDUvk
eGt+KpNKijXuTdXRTvdVV/Wxahk2/3TgoA0U40CZmm1s1Ckk506T1dkGkt19UsvO
/5sBQ/eKUhY=
=S/aM
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list