[8892] in cryptography@c2.net mail archive
Re: crypto flaw in secure mail standards
daemon@ATHENA.MIT.EDU (Jeffrey I. Schiller)
Sat Jun 23 17:22:41 2001
Date: Sat, 23 Jun 2001 11:51:51 -0400
From: "Jeffrey I. Schiller" <jis@mit.edu>
To: Radia Perlman - Boston Center for Networking <Radia.Perlman@Sun.COM>
Cc: dtd@world.std.com, cryptography@wasabisystems.com
Message-ID: <20010623115151.B427@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200106222223.SAA13599@bcn.East.Sun.COM>; from Radia.Perlman@Sun.COM on Fri, Jun 22, 2001 at 06:23:46PM -0400
On Fri, Jun 22, 2001 at 06:23:46PM -0400, Radia Perlman - Boston Center for Networking wrote:
> Actually I don't think Don was talking about that. Instead he was
> talking about the danger of leaving things out of the
> signature like the subject
> line, the to field, the date, etc., that would allow someone to
> take Alice's message out of context, and other people on the list
> have explained that you need to have all stuff that matters be
> covered by the signature, perhaps by having the user consciously
> know what matters and include it in the body.
Ah. This is why I always replicate the Subject field (and other important)
fields in message that I sign for posterity (such as IESG action requests).
-Jeff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
