[21174] in bugtraq
Re: crypto flaw in secure mail standards
daemon@ATHENA.MIT.EDU (Riad S. Wahby)
Sun Jun 24 13:30:33 2001
Date: Sun, 24 Jun 2001 00:51:02 -0400
From: "Riad S. Wahby" <rsw@MIT.EDU>
To: cryptography@wasabisystems.com, cypherpunks@algebra.com,
bugtraq@securityfocus.com
Message-ID: <20010624005102.A21764@positron.mit.edu>
Mail-Followup-To: cryptography@wasabisystems.com,
cypherpunks@algebra.com, bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <sjmelsca0i5.fsf@rcn.ihtfp.org>; from warlord@MIT.EDU on Fri, Jun 22, 2001 at 01:27:14PM -0400
Derek Atkins <warlord@MIT.EDU> wrote:
> The problem is not at all with the crypto. The problem is with the
> integration of the crypto with applications like e-mail.
In this spirit, I have produced a patch for Mutt that adds an option
to include the To:, From:, CC:, and Subject: headers at the end of PGP
signed messages.
This patch happens to interact somewhat with a previous patch I
produced that allows Mutt to optionally send PGP messages as
content-type text/plain for broken mail clients like nmh and Eudora,
so I have integrated both into a single patch.
It applies against mutt-1.2.5i; I haven't tested it against others,
but I suspect it should work fine.
http://positron.mit.edu/pub/plaintextappend.patch
ftp://positron.mit.edu/pub/plaintextappend.patch
--
Riad Wahby
rsw@mit.edu
MIT VI-2/A 2002
5105
