spf-discuss

RE: Unnecessary complication in SES - what does it really do?

2004-06-06 17:46:31
On Sun, 6 Jun 2004, Seth Goodman wrote:

6) "If the forwarders, how is it different from SRS?"

Forwarders do not sign the MAIL FROM:.

This leaves them open to the 5 party attack documented at
http://www.libsrs2.org/srs/srs.pdf.

SRS is also vulnerable to the 5-party attack and that doesn't seem to be of
much concern.  Why is it here?

SRS is not vulnerable to the 5 party attack. Read the paper. Please.

That is news to me.  My memory could be totally wrong, but I thought the
last time I read your paper, it showed that SRS was vulnerable to the
5-party attack.  I will read your updated paper and try to go through this
scenario.

The 5 party attack has been documented as safe in SRS for about 2 or 3
months.

In any event, is it of any significant concern that a 5-party attack is
possible, if that is indeed the case?

The statement is not that "SRS is usually safe." It's that "SRS is safe." 
Therefore even if it isn't important, SRS _has_ to be safe against the 5 
party attack.

S.

-- 
Shevek                                    http://www.anarres.org/
I am the Borg.                         http://www.gothnicity.org/