RE: secure sign & encrypt
David P. Kemp <mailto:dpkemp@xxxxxxxxxxxxxx> wrote:
> Your proposal for an extra packet does not address this alleged flaw.
> Note that Alice could sign a message saying "encrypted to Bob", and then
> encrypt and send the message to Charlie, thus framing Bob for breach
> of confidence.
No, because then Charlie would know there was something fishy going on.
He would not know if Alice or Bob (or someone else) was to blame,
but he would get a warning message saying that this is an invalid
signed & encrypted message.
>
> You can't take two operations that are inherently separable and create
> a magic hack that makes them inherently and verifiably atomic. Each
> layer does what it does - if you want the security services provided
> by three layers (ESE), or what S/MIME calls triple-wrapping (SES),
> then you must use three layers.
Well, if you use three layers (ESE), you get the added bonus that you
can easily see what is wrong if someone tries to do something bad.
But also with my proposed method you can verify if everything is ok or not.
--
Terje Bråten