Re: clearsigned sigs

1997-11-14 11:45:07

In <346C82A3(_dot_)1DFC357C(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk>, on 11/14/97 
   at 11:56 AM, Ian Brown <I(_dot_)Brown(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk> 

Hal Finney wrote:

I am considering doing sign-and-encrypt by clearsigning and then
encrypting the clearsigned message.  This way you just decrypt and are
left with a nice clearsigned message, which you can then verify.


6.2  Combined method

Versions 2.x of PGP also allow data to be signed and encrypted in one
operation.  This method is an acceptable shortcut, and has the
benefit of less overhead.  The resulting data should be formed as a
"multipart/encrypted" object as described above.

Messages which are encrypted and signed in this combined fashion are
REQUIRED to follow the same canonicalization rules as for
multipart/signed objects.

It is explicitly allowed for an agent to decrypt a combined message
and rewrite it as a multipart/signed object using the signature data
embedded in the encrypted version.

Could your MUA do this automatically and rewrite a
signed+encrypted message as cleartext plus a signature message part? This
even hides the PGP data in the mailer, which I like.

Well what I am doing in my MUA is the following:

When a signed+encrypted message comes in:

-- Decrypt the message
-- Attach a text/X-PGPDecrypt to the message
    - this displays relevant info about the decryption
-- Verify the signature
-- Attach a text/X-PGPVerify to the message
    - this displays relevant info about the verification
-- Signature Blocks are retained.

So long as the original message is signed then encrypted this works well.
When the original message is signed & encrypted (one operation) one runs
into the problems mentioned earlier.

There are several reasons for the X-PGPVerify text attachment:

-- gives users sig verification info whenever the message is opened
without having to re-verify the sigblock. The user has the option to
re-verify of course.

-- move signature verification to the server. In a corporate environment it
may be advantageous to have the server verify the signatures on incoming
messages as opposed to the MUAs doing so. Not that the MUAs in such an
environment should be restricted from doing so. Of course verification
cannot be done on the server if the message is encrypted. :)

-- 
---------------------------------------------------------------
William H. Geiger III
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at:
---------------------------------------------------------------

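An added example, not part of the original post and not E-Secure's code: if an MUA or server caches results in text/X-PGPDecrypt and text/X-PGPVerify attachments as described above, any part of those types that arrived inside the message should be discarded before the local ones are attached, so a sender cannot plant its own status. The function names and status strings are assumptions, and the PGP decryption and verification themselves are not performed here.

```python
import email
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Part types named in the post; only locally generated parts may carry them.
STATUS_TYPES = {"text/x-pgpdecrypt", "text/x-pgpverify"}

def strip_status_parts(part):
    """Drop sender-supplied status parts; return (part or None, number dropped)."""
    if part.get_content_type() in STATUS_TYPES:
        return None, 1
    if not part.is_multipart():
        return part, 0
    kept, dropped = [], 0
    for child in part.get_payload():
        clean, n = strip_status_parts(child)
        dropped += n
        if clean is not None:
            kept.append(clean)
    part.set_payload(kept)
    return part, dropped

def attach_status(raw, decrypt_info, verify_info):
    """Wrap a decrypted message with status parts written by the local PGP run
    (both texts are assumed inputs; no PGP operation happens here)."""
    original = email.message_from_string(raw)
    outer = MIMEMultipart("mixed")
    for name in dict.fromkeys(original.keys()):
        if name.lower().startswith("content-"):
            continue                      # stays on the body part
        if name.lower() != "mime-version":
            for value in original.get_all(name, []):
                outer[name] = value
        del original[name]
    body, dropped = strip_status_parts(original)
    if body is not None:
        outer.attach(body)
    outer.attach(MIMEText(decrypt_info, "x-pgpdecrypt"))
    outer.attach(MIMEText(verify_info, "x-pgpverify"))
    return outer, dropped

# Constructed sample: the sender plants its own "verification" part.
SAMPLE = (
    "From: mallory@example.org\nSubject: payment\nMIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nPlease wire the funds today.\n"
    "--b1\nContent-Type: text/X-PGPVerify\n\nGood signature from Alice\n"
    "--b1--\n"
)
```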


