ietf-openpgp
[Top] [All Lists]

Re: Shortcomings of current schemes (Was: One-pass signatures)

1998-07-25 23:40:20
At 12:53 PM -0800 7/25/98, Black Unicorn wrote:
As an example, suppose bob the stockbroker is accepting PGP based orders,
using PGP signature and encryption to secure and authenticate customer
security orders.

If a dispute arises, surely bob would want to be able to find and present
the actual order along with its digital signature to defend his actions,
the same way most brokerages record order calls today.

Unless I'm mistaken its currently impossible for bob to do this effectively
with PGP.  He can maintain an archive all of the encrypted messages from
clients, but keyword searching of the archive is impossible.  And
decrypting all the messages is likewise difficult (though I suppose filing
them by date might help).  There is, as far as I can tell, no way to detach
cleartext signatures from a signed and encrypted PGP message.

If Bob has the problem in the imperfect world we inhabit today, I suggest
the following.  Keep parallel files.  One contains the decrypted orders
each of which has a pointer to the encrypted order.  The decrypted orders
can be searched but not verified.  The encrypted orders can be verified,
but not searched.  When it is necessary to search, search the decrypted
orders and use the pointer to get the needed verification on the results of
the search.

Yes, it doubles the storage requirements.  However, for the given
application, I can't see a stockbroker, even with the volume Charles
Schwab, running into financial difficulties because of doubled storage
costs for original order documentation.


-------------------------------------------------------------------------
Bill Frantz       | If hate must be my prison  | Periwinkle -- Consulting
(408)356-8506     | lock, then love must be    | 16345 Englewood Ave.
frantz(_at_)netcom(_dot_)com | the key.     - Phil Ochs   | Los Gatos, CA 
95032, USA