[Top] [All Lists]

Anybody know details about Schneier's "flaw"?

2002-08-14 07:40:45
In there is a vague 
mention of a problem:

Schneier released information Monday about a separate flaw in the PGP 
(Pretty Good Privacy) program that is freely available and used to encrypt 
messages sent over the Internet. 
Schneier and Jonathan Katz of the University of Maryland at College Park 
found a way an attacker could intercept a PGP encrypted message, modify it 
without decrypting it, dupe the user into sending it back, and retrieve 
the original message

Does anybody know more about this?  Can a minor improvement to the new 
-bis draft fix it?