Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails
2019-04-30 08:19:53Hiya, On 30/04/2019 13:29, ilf wrote:
https://github.com/RUB-NDS/Johnny-You-Are-Fired https://raw.githubusercontent.com/RUB-NDS/Johnny-You-Are-Fired/master/paper/johnny-fired.pdf
Great work, thanks! I guess that's another fine demonstration that code that's not really used in anger enough tends to have lots of frailties;-( A comment and a question: - I think it'd be a fine thing if this were to be presented at an IETF meeting - if some of the authors are going to be at one of those (or would present remotely) then contacting the security area directors and asking for a slot at some saag session would be a fine thing. - I wasn't clear how to interpret the missing combinations from Table 2, e.g. does the lack of mention of the Linux/TB/Enigmail combination mean that it was not vulnerable to the attacks or that it was not tested? (Or that it's almost certainly vulnerable but you'd already broken so much so well, it wasn't worth specifically documenting;-) Cheers, S.
_______________________________________________ openpgp mailing list openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openpgp mailing list openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails, ilf |
|---|---|
| Next by Date: | Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails, Marcus Brinkmann |
| Previous by Thread: | [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails, ilf |
| Next by Thread: | Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails, Marcus Brinkmann |
| Indexes: | [Date] [Thread] [Top] [All Lists] |