[Top] [All Lists]

Re: Anybody know details about Schneier's "flaw"?

2002-08-19 04:56:04

On Mon, 19 Aug 2002 11:49:23 +0200, Dominikus Scherkl said:

Why should anybody relpy cleartext to an encrypted messge?
especialy if it contains (even parts) of the encrypted message?

You will often notice plaintext message like "I could not decrypt your
message - please use key 0x12345678" or "Where do I find your key".
So it is not unlikely to see a message "Hey, your encrypted mail was
garbled, please send it again.  Here is the problematic line..".

Most users don't know about the cryptograhic issues involved in
sending parts of the plaintext back.  A good MUA should protect
against that but well a user can always override it.

If a reply is sent at all, it should be encrypted, so an interceptor
has the same problem with the reply - he needs to break the key.

I am probably not the only one with this problem: Try to get my key
from a keyserver - it is probably not usable because the subkeys are
all garbled (Most people don't look at the mail header X-Request-PGP
to find out the canonical way to get my key).  So it is very likely to
get a plaintext response; users are thus used to that and they can't
imagine what serious consequences a reply with a very short and after
all unreadable quote should have.

All over the place OpenPGP is rightfully very paranoid and thus it
makes sense to do what we can to avoid shoot-your-self-in-the-foot