ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

PGP - non-nonrepudiation

1999-02-05 17:19:30
from [Black Unicorn] [Permanent Link] 

William H. Geiger III:


In <199901272040(_dot_)VAA06373(_at_)m120(_dot_)omikron(_dot_)de>, on 01/27/99
   at 09:40 PM, Edwin Cremer <eddy(_at_)m120(_dot_)omikron(_dot_)de> said:


I have the same problem :-(



my solution is:
the server check the signatur and decrypt the message.
if both ok the server write a new footer with the output of the
signcheck and then sign and encrypt the new message. if you have a
trusted server, the sigcheck is trust ;-) and the members of the list
don't need all the key's of all other members. it work's fine with
(nearly) all of pgp version.


Not a bad idea. :)


Not a bad idea, maybe, if there were no requirement for non-repudiation by
the receiving party.  (And if there isn't, then what's the point of this
solution?)  Falling back on a solution which requires a trusted server which
is still operated by the party which may later wish to present self serving
evidence to support itself in a suit is just a mistake.

Take the example of a brokerage which needs to incontrovertibly prove a
client (or a client's key) ordered a given transaction.  How will the above
help?  Clearly, it won't.  The bottom line is that in the mad rush to
implement "one pass" functionality PGP dropped the ball by killing this very
important functionality.

An enterprise cannot now archive mail which can later be searched by keyword
in the message body and still be verifiable ex post with respect to origin
and message integrity.

Big mistake.

I wonder (doubt) if it will ever be fixed.


I have proposed something similar to this for corporate mail servers where
incoming signed mail is verified at the server and stamped before it is
forwarded to the end-users mailbox. This way the end user is relieved from
the work involved in obtaining & verifying keys for incoming mail (this
job would be off-loaded to the resident company crypto zar).

As an added step outbound messages can be auto-encrypted by the server
thus eliminating most of the public key management from the end user (the
end user doesn't even need PGP on his workstation execpt for signing &
decrypting).
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Secure mailing list service using OpenPGP, William H. Geiger III
Next by Date:  Re: PGP - non-nonrepudiation, hal
Previous by Thread:  Re: Secure mailing list service using OpenPGP, William H. Geiger III
Next by Thread:  Re: PGP - non-nonrepudiation, Anthony E. Greene
Indexes:  [Date] [Thread] [Top] [All Lists]