[43950] in Cypherpunks
Re: Cypherpunk Certification Authority
daemon@ATHENA.MIT.EDU (anonymous-remailer@shell.portal.co)
Sun Nov 26 04:57:49 1995
Date: Sun, 26 Nov 1995 01:53:12 -0800
To: cypherpunks@toad.com
From: anonymous-remailer@shell.portal.com
On Sat, 25 Nov 1995, Adam Shostack wrote:
> Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
> ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)
>
> Its an excellent paper, well worth reading, but the basic
> problem is that X.509 encrypts before signing.
You'd rather sign before encryption??
Doesn't that give you "known plain-text" to attack? i.e. the signature.
I'm not sure whether it would or wouldn't, but I'm sure some
cryptographers here might clear that up mighty quick -- before any more
harm is allowed, I mean.
> Adam
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume
Alice de 'nonymous ...
...just another one of those...
P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.