On Sun, 2005-08-14 at 16:52 +0100, Ben Laurie wrote: > Jeroen Massar wrote: > > On Sun, 2005-08-14 at 16:30 +0100, Ben Laurie wrote: > > > >>Jeroen Massar wrote: > >> > >>>On Sun, 2005-08-14 at 14:24 +0100, Ben Laurie wrote: > >>> > >>> > >>>>Jeroen Massar wrote: > >>> > >>><SNIP> > >>> > >>>>>* sign(encrypt(message)) > >>> > >>><SNIP> > >>> > >>>>More importantly, perhaps, Krawczyk has shown that, in general, sign > >>>>then encrypt is insecure. > >>> > >>> > >>>Which exact paper do you mean? > >> > >>http://eprint.iacr.org/2001/045 > > > > > > Which nicely says, already in the abstract btw, "Thus, while we show the > > generic security of SSL to be broken, the current standard > > implementations of the protocol that use the above modes of encryption > > are safe." > > Sure. What does this have to do with OpenPGP's security? psst... it was you bringing up that argument about the paper ;) Greets, Jeroen
Attachment:
signature.asc
Description: This is a digitally signed message part