At 10:06 AM 11/29/00 +0100, [EMAIL PROTECTED] wrote:
>You have to agree that the "not using patented algorithms" thing
>solves the problem once and for all, if in a somewhat Gordian way
>(partly breaking backwards compatibility). We would never have had any
>problems if not for PGP screwing it up -- b
"Steven M. Bellovin" wrote:
> Purely procedurally, if you tried to get it published as an RFC it
> would probably be bounced by the IESG -- there's a policy against RFCs
> that are or appear to be end-runs around a working group. If something
> is in a WG's area, it's up to them to publish it.
"Enzo Michelangeli" <[EMAIL PROTECTED]> writes:
>>I have an RFC draft for this which I wrote a while back but it was rejected by
>>the PKIX WG chair(s) ("I am concerned that we not turn PKIX into PGP with ASN.1
>>syntax"), and I haven't had the motivation to publish it as an independent
>>draft -
-BEGIN PGP SIGNED MESSAGE-
I can see that one can put information associated with a
signature outside the hashed area but I cannot see that one
should do so and I doubt that this will improve security.
First the key-ID. Why should I have it outside the signature?
It's possibly not secur
- Original Message -
From: "Peter Gutmann" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, December 05, 2000 4:45 AM
Subject: Re: Is PGP broken?
> "Enzo Michelangeli" <[EMAIL PROTECT
In message <[EMAIL PROTECTED]>, Peter Gutmann writes:
>"Enzo Michelangeli" <[EMAIL PROTECTED]> writes:
>
>>Apart from standards issues, one thing I'd like to see added to popular S/MIME
>>agents is a mini-CA to issue self-signed certificates. This would allow people
>>to use S/MIME as they use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 4 Dec 2000, lcs Mixmaster Remailer wrote:
> Examples of the first case would be an identifier which indicates the
> signing key. In PGP this would be the key ID; in SMIME, CMS and other
> PKCS-7 derived formats it is the IssuerAndSerialNumber. T
It is often useful to include some information associated with a signature
that is not in the hashed portion. There are several reasons for this.
First, some information is not security critical and there is no reason
to hash it. Second, some such information may be subject to change and
update
On Mon, 4 Dec 2000, Ian Brown wrote:
> > Come to think of it, there are some tricky issues with regards to crypto
> > on mailing lists, it might make sense to have a
> > X-crypto-originator [EMAIL PROTECTED] line in the headers to specify that the
> > crypto information contained in that piece of
At 9:55 AM +0100 11/29/2000, PA Axel H Horns wrote:
>On 29 Nov 2000, at 7:07, Stephan Eisvogel wrote:
>
>> Adam Back wrote:
>> > (And also without IDEA support for patent reasons even now
>> > that the RSA patent has expired.)
>>
>> Do you know when the IDEA patent will expire? I will hold a
>> sm
"Enzo Michelangeli" <[EMAIL PROTECTED]> writes:
>Apart from standards issues, one thing I'd like to see added to popular S/MIME
>agents is a mini-CA to issue self-signed certificates. This would allow people
>to use S/MIME as they use PGP (who relies on the WoT anyway?), breaking the
>dependency
-BEGIN PGP SIGNED MESSAGE-
On Sun, 3 Dec 2000, L. Sassaman wrote:
> Though, as I pointed out to Ralf in private email, subpacket 16 should be
> permitted outside of the signature. Other than that, I can see no packet
> that needs to be placed outside the signature,
I still can not see
> A problem with including a public key with every plaintext message is that
> it isn't very discreet - actually looks kind of ugly in some people's
> email clients.
You could use a separate PGP/MIME bodypart...
> Come to think of it, there are some tricky issues with regards to crypto
> on mai
-BEGIN PGP SIGNED MESSAGE-
At 05:52 PM 12/3/00 -0800, Bram Cohen wrote:
...
>If I receive mail from a mailing list, it potentially might
>have info about both how to encrypt mail sent to the sender,
>and how to encrypt mail sent to the list - it really should
>be able to include both, an
- Original Message -
From: "Peter Gutmann" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, November 30, 2000 1:30 PM
Subject: Re: Is PGP broken?
> "Enzo Michelangeli" <[EMAIL PROTECTED]> (or someone, the quoting makes it
> dif
On Sun, 3 Dec 2000, Ben Laurie wrote:
> Bram Cohen wrote:
> >
> > Come to think of it, there are some tricky issues with regards to crypto
> > on mailing lists, it might make sense to have a
> > X-crypto-originator [EMAIL PROTECTED] line in the headers to specify that the
> > crypto information
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In my opinion, cryptography should be seen as an evolutionary
process. Protocols are continuously evaluated for their "fitness" in the
context of current number theory, advances in computers/CPUs, and many
individual/company/implementation specific re
-- 2
At 12:01 PM 12/3/00 -0800, Bram Cohen wrote:
>A problem with including a public key with every plaintext message is that
>it isn't very discreet - actually looks kind of ugly in some people's
>email clients. This could be changed by making a header line saying
>something like X-accepts-c
t
can't be stolen. I suppose that any discrete-log algorithm would be eligible
(not only ECC).
Enzo
- Original Message -
From: "Ralf Senderek" <[EMAIL PROTECTED]>
To: "L. Sassaman" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday,
Bram Cohen wrote:
>
> On Wed, 29 Nov 2000, Ian BROWN wrote:
>
> > Bram Cohen wrote:
> > >What we really need is a system which just stops passive attacks. The best
> > >idea I've come up with so far is for all outgoing messages to have a
> > >public key attached, and if you have the public key o
On Wed, 29 Nov 2000, Ian BROWN wrote:
> Bram Cohen wrote:
> >What we really need is a system which just stops passive attacks. The best
> >idea I've come up with so far is for all outgoing messages to have a
> >public key attached, and if you have the public key of an email address
> >you're send
-BEGIN PGP SIGNED MESSAGE-
"L. Sassaman" <[EMAIL PROTECTED]> wrote:
> Shameless plug: Ben Laurie and I were discussing this exact topic earlier
> this month. I'm going to England next month to sit down and hash out
> exactly what we want to do, but we would like to add OpenPGP features t
Bram Cohen writes:
> Not that I'm going to propose a new standard or even modifications to old
> ones - there are already too many of those, the problem is making one of
> them acceptable, or developing a new one which has a good chance of
> getting universal support.
Have you looked at Crypt
"L. Sassaman" wrote:
> PGP will also never have the platform coverage that open source software
> can have. In addition to all the platforms (except Macintosh) that PGP
> supports, GnuPG runs on Irix, True64, FreeBSD, NetBSD, OpenBSD, BSD/OS,
> SCO, SunOS, and others. That's not PGP's fault; it's
Stefan Kelm writes:
> BTW, what do you mean by "point-source PGP signing"?
Instead of leaving your key signing up to your friends, PGP could
benefit from a policy-based signature. You could come up with any
number of policies:
o This keyholder is a Mason/Scout/Rotarian.
o This keyholder is
"Enzo Michelangeli" <[EMAIL PROTECTED]> (or someone, the quoting makes it difficult to
tell) writes:
>If it may be of any comfort (or perhaps enhanced desperation), the S/MIME
>community has similar headaches: in these days, the [EMAIL PROTECTED] list is
>debating whether, in S/MIME v.3, RSA shoul
Bram Cohen wrote:
>What we really need is a system which just stops passive attacks. The best
>idea I've come up with so far is for all outgoing messages to have a
>public key attached, and if you have the public key of an email address
>you're sending to you use it
Indeed -- this is one of the c
Russell Nelson wrote:
>
> Is it just me, or is PGP broken? I don't mean any particular version
> of PGP -- I mean the fact that there are multiple versions of PGP
> which generate incompatible cryptography. Half the time when someone
> sends me a PGP-encrypted message, I can't decrypt it. Pres
> > Not to mention anything about PGP keyservers, or the utter and
> > complete absence of anybody doing point-source PGP signing.
>
> Yeah, the whole system looks none too scaleable.
It certainly isn't. Please keep in mind, however, that the pgp.net
keyserver system is in no way related to NAI
Adam Back writes:
> And lastly even if they had done it right, GPG went in and fucked it
> up some more by sticking religiously to the "don't use patented
> algorithms" free software mantra to the huge detriment of PGP
> interoperability.
You have to agree that the "not using patented algo
On 29 Nov 2000, at 7:07, Stephan Eisvogel wrote:
> Adam Back wrote:
> > (And also without IDEA support for patent reasons even now
> > that the RSA patent has expired.)
>
> Do you know when the IDEA patent will expire? I will hold a
> small party myself then. B)
The EP 0 482 154 of ASCOM TECH A
- Original Message -
From: "Bram Cohen" <[EMAIL PROTECTED]>
To: "Russell Nelson" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, November 29, 2000 10:55 AM
Subject: Re: Is PGP broken?
> What we really need is a system which just st
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It has been well over two years since the last version of PGP which
did not support RSA (6.0.2), and even then most editions still
supported RSA. I didn't make the decision to not ship RSA in
particular editions of PGP, but the fact is that it was the
Adam Back wrote:
> (And also without IDEA support for patent reasons even now
> that the RSA patent has expired.)
Do you know when the IDEA patent will expire? I will hold a
small party myself then. B)
--
hawo bofh
No, it's not just you, it is indeed broken. So there are a number of
culprits:
- Probably mainly RSA for being difficult to deal with, and in general
letting loose a bunch of rabid lawyers on the crypto community.
Fortunately the patent has now expired.
- PGP/NAI for shipping versions without RS
On Tue, 28 Nov 2000, Russell Nelson wrote:
> Is it just me, or is PGP broken? I don't mean any particular version
> of PGP -- I mean the fact that there are multiple versions of PGP
> which generate incompatible cryptography.
I'd say that's an accurate assessment.
> Presuming that I'm right, i
Fixing incompatibility of OpenSource OpenPGP implementations with PGP 2.x is
difficult due to the royalties demanded by IDEA's patent holders (at least,
for non-personal use).
Efficient key distribution (or lack thereof) is a serious problem, but most
people don't try to use it anyway, preferring
37 matches