ietf-openpgp

Re: Split Implementations of PGP

2005-03-12 04:29:39
On Friday, 11.03.2005, at 22:08 -0500, Cyrus Daboo wrote:
> A better solution would be to have the message decrypted on the server and
> stored in its unencrypted form with multiple parts - then the client can
> fetch just the text.

Even better would be to have individually encrypted parts.  This is
possible with PGP/MIME but not current practice.  Trouble being, of
course, that the sender would have to know this in advance.  

It is one more example of the sender having to know what the receiver
requires without a good means of finding out.

So far, these things have been mere nuisances but the suggested solution
is clearly a big step down in security.  I do not know an answer but it
might be interesting to think about the bigger picture for once and come
up with something this simple, yet flexible enough.

In any case, I would suggest for implementors of the server-based
decryption to re-format the message into multiple individually encrypted
parts instead of just storing decrypted messages -- smaller window of
attack.

Ingo

Attachment: signature.asc
Description: This is a digitally signed message part