On Thu, 30 Jun 2005 12:16:26 +0100, Ian Grigg said:
at the time - indeed Loius Freeh stood up in
front of Congress and used this very feature as
proof that it was possible to force all crypto
programs to escrow messages for the FBI...
I did not know that; interesting. The ARR became known due to a bug
in the implementation at that time.
not be documented in the standard. I don't
know if GPG implements it, or even if it the PGP
No, never did it. We only have a warning for that bug:
if ( type == SIGSUBPKT_ARR && !hashed ) {
fprintf (listfp,
"\tsubpkt %d len %u (additional recipient request)\n"
"WARNING: PGP versions > 5.0 and < 6.5.8 will automagically "
"encrypt to this key and thereby reveal the plaintext to "
"the owner of this ARR key. Detailed info follows:\n",
type, (unsigned)length );
}
Shalom-Salam,
Werner