-----BEGIN PGP SIGNED MESSAGE-----
In
<MDAEMON-F199807251759(_dot_)AA594461MD12931(_at_)local(_dot_)crypto(_dot_)net>,
on 07/25/98
at 05:59 PM, Cypherlist-watch-owner
<cypherlist-watch-owner(_at_)joshua(_dot_)rivertown(_dot_)net> said:
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, 25 Jul 1998 15:53:38 -0500, Black Unicorn wrote:
There is, as far as I can tell, no way to detach
cleartext signatures from a signed and encrypted PGP message.
Suggestions?
How about some kind of dual pass in your given scenario? First sign the
plain text to provide the authentication - then encypt the signed output
as an entity on it's own. Bob the stockbroker can then decrypt the order
and store the signed text.
Any use?
This is what I have been advocating for quite awhile now and how I have my
current PGP implementations working.
IMHO signature retention is more important than any advantages of a "one
pass" operation.
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
- ---------------------------------------------------------------
Tag-O-Matic: I'm an OS/2 developer...I don't NEED a life!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBNbptw49Co1n+aLhhAQEcUAP7BcDXZiKjKaiBQL3J+TnR7Qz9CLhfgZ4h
3wA32a/O7hc6hqVQm2rWNUUPXaUFtSW6qkvhMuIoUh5AbYJHMl86u1CVGDVPljLG
jtLek1aQhUIjWGF/sNYzk9JjbQEmmki5+1tcsk0xHow+qiRSeuloNZ+GJg30V90C
+FWuAObBnRc=
=ZVf3
-----END PGP SIGNATURE-----