On Sat, 21 Mar 1998, Christopher Creutzig wrote:
On Fri, 20 Mar 1998, Anonymous wrote:
-> symmetrically-encrypted data packets (Sec. 5.7). The clear-signed mode
-> you refer to is disjoint from these (Sec. 7) and is not affected by choice
-> of encryption algorithms. If one of the warriors to whom you refer thought
-> she was sending an encrypted message, but it was encrypted with one of
-> these two algorithms (Plaintext or Rot-N), she would be in deep trouble.
Right you are. I just wanted to point out that there should be a method of
specifying 'no encrypted mail, please'. Granted, just use a sign-only key
with no encryption sub key should solve the issue, so it's probably not
worth too much bothering.
which is what the messages of the form:
--BEGIN PGP SIGNED MESSAGE...
plaintext
--BEGIN PGP SIGNATURE...
(ascii armored sig block)
--END...
are for.
But this is different. If you don't want encrypted mail, then you should
publish only the DSS key. That would be the easiest way, though I don't
know if there is a method of doing so in the spec.
And "Unencrypted" can have a very different meaning than "Encrypted using
the conventional algorithm 'Plaintext'".
Unencrypted should probably be a literal encapsulation of plaintext
followed by a signature packet if desired. Compression and armoring are
also possible.
Plaintext encryption would have all the headers and other structure of an
encrypted PGP message, but the essential section of the message would be
unencrypted.
But the matter of compression comes up - I remember the FCC did not want
packet radio to transmit even unencrypted .zip files because they weren't
immediately understandable. If the idea is an open envelope, only the
attach signature format above is likely to work.
--- reply to tzeruch - at - ceddec - dot - com ---