Re: MessageID wording paranoia



On Wed, Mar 25, 1998 at 07:26:16PM -0800, William Lewis wrote:

> I may be missing something here, but it seems to me that
> attempting to write this specification to completely
> disallow subliminal/covert channels is a fool's errand.
> It's already necessary that the PGP implementation be
> trusted. Adding requirements such as this one (specifying
> that the MessageID be externally verifiable) makes the
> spec more complicated and more difficult to implement, but
> doesn't actually increase security at all.

I completely agree.  But those parts of the spec which are
already trying to shut down such channels should be
written in a more thorough fashion.  I'd be quite happy
with _random_ Message IDs - if an implementation has a bad
random generator, you are in trouble anyways.

tlr
-- 
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
     2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1