ietf-openpgp

re: forwarding an encrypted message

2002-04-10 09:01:54


From: John Dlugosz

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What is the "throw-keyid" switch?

Not all implementations are compelled to support the "your eyes only"
flag.  Someone could run a Perl script on the saved message, for
example, even if he normally uses a GUI that works in the same manner
as NAI's.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPLRh0uOdgXmV1Gj8EQL2jgCgn5qhcvyftlU9NhaKkAk1vHMcWTwAoJeb
maLqCw1+ht6+o3XNODdHi/xf
=PIqI
-----END PGP SIGNATURE-----





"vedaal" <vedaal(_at_)hotmail(_dot_)com>@mail.imc.org on 04-09-2002 03:26:55 PM

Sent by:  owner-ietf-openpgp(_at_)mail(_dot_)imc(_dot_)org


To:   <ietf-openpgp(_at_)imc(_dot_)org>
cc:
Subject:  re: forwarding an encrypted message



-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

- ----- Original Message -----
From: "Simon Josefsson" <simon+ietf-openpgp(_at_)josefsson(_dot_)org>
To: "Marc Mutz" <mutz(_at_)kde(_dot_)org>
Cc: <kmail(_at_)kde(_dot_)org>; <ietf-822(_at_)imc(_dot_)org>; 
<ietf-openpgp(_at_)imc(_dot_)org>
Sent: Tuesday, April 09, 2002 3:32 PM
Subject: Re: Bug#40394: forwarding an encrypted PGP message is useless



Marc Mutz <mutz(_at_)kde(_dot_)org> writes:

What if, in a mail user agent, the user wants to forward an encrypted
message? Allow it? Deny it?
Re-encrypt or remove encryption?

The problem is, of course, that the original sender might not like his
encrypted text being sent out in the clear again...

Then the original sender should not send the text to someone who will
do that.

I don't see how the standard could prevent the user from doing
this. If it is prevented, then it is only the applications' doing, so
it wouldn't be difficult to override it.
...
a way to do it, would be to send the original encrypted message using the
throw-keyid switch,

any re-sending of the message would not be able to identify the original
sender,

moreover, the message could also be sent using the option of 'screen
viewing only' so that the plaintext could not be saved,
except tediously by saving a screen shot, or re-typing the message,
both of which can be 'denied' by the original sender, and can be proved by
the forwarder, only by having someone witness the decryption.

hth,

vedaal

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt   build 7      http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423  D9AE 02FD A711 97BA

-----END PGP SIGNATURE-----
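
The two mechanisms discussed in this thread are plain fields in the OpenPGP packet format: GnuPG's throw-keyid option writes an all-zero key ID into the public-key encrypted session key packet (the field that names the recipient's key), and the "for your eyes only" marker is the literal data packet's file name set to `_CONSOLE`. The following Python sketch is an added example, not code from any poster or implementation; it parses both fields and shows that the eyes-only marker is advisory metadata sitting next to the full plaintext. The sample packets and the function names are constructed for illustration.

```python
import struct

EYES_ONLY_NAME = b"_CONSOLE"   # special literal-data file name (RFC 2440, 5.9)

def read_packets(data):
    """Yield (tag, body) for each definite-length OpenPGP packet in data."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                          # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = struct.unpack(">I", data[i + 1:i + 5])[0], i + 5
            else:
                raise ValueError("partial body lengths are not handled")
        else:                                   # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate lengths are not handled")
            n = 1 << ltype
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def describe(data):
    """Summarise the two fields discussed in the thread."""
    found = []
    for tag, body in read_packets(data):
        if tag == 1 and body[:1] == b"\x03":    # public-key encrypted session key, v3
            key_id = body[1:9]
            found.append(("pkesk", key_id.hex(), key_id == bytes(8)))
        elif tag == 11:                         # literal data
            n = body[1]                         # file name length
            found.append(("literal", body[2:2 + n] == EYES_ONLY_NAME, body[6 + n:]))
    return found

# Constructed samples: the outer packet as it travels, and the literal packet
# a recipient holds after decryption (decryption itself is not shown).
OUTER = b"\xc1\x0d\x03" + bytes(8) + b"\x01\x00\x08\xff"
INNER = b"\xac\x1a" + b"t\x08_CONSOLE" + bytes(4) + b"meet at noon"

if __name__ == "__main__":
    print(describe(OUTER), describe(INNER))
```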