ietf-mailsig
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: User-to-User or Server-to-Server mail encryption

2004-09-19 18:38:47
from [Seth Goodman] [Permanent Link] 


From: Tony Finch
Sent: Sunday, September 19, 2004 5:46 PM



On Sun, 19 Sep 2004, Andrew Newton wrote:


Really?  Have you ever sent a message through Yahoo Groups?  Many of the
public list services like to tack adds on to the email causing
the signatures not to validate.


The framing used by PGP means that mailing list bumf falls outside the
signed portion of the message, so the signature is robust.


I believe that's true of the in-line PGP signatures only.  I don't think the
PGP attachment signature is robust in the same way, but I'm willing to be
corrected on that.

S/MIME is easily broken by mailing list additions at the end of the text.

--

Seth Goodman
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: User-to-User or Server-to-Server mail encryption, Tony Finch
Next by Date:  RE: Rambings on RFC2822 signatures., Seth Goodman
Previous by Thread:  Re: User-to-User or Server-to-Server mail encryption, Tony Finch
Next by Thread:  Re: User-to-User or Server-to-Server mail encryption, william(at)elan.net
Indexes:  [Date] [Thread] [Top] [All Lists]