Re: crypto flaw in secure mail standards

From: Riad S. Wahby (rswat_private)
Date: Sat Jun 23 2001 - 21:51:02 PDT

Next message: SDL Office: "Fw: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit"

Previous message: joshuaat_private: "Re: Anonymized"
Next in thread: Tollef Fog Heen: "Re: crypto flaw in secure mail standards"
Reply: Tollef Fog Heen: "Re: crypto flaw in secure mail standards"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Derek Atkins <warlordat_private> wrote:
> The problem is not at all with the crypto.  The problem is with the
> integration of the crypto with applications like e-mail.

In this spirit, I have produced a patch for Mutt that adds an option
to include the To:, From:, CC:, and Subject: headers at the end of PGP
signed messages.

This patch happens to interact somewhat with a previous patch I
produced that allows Mutt to optionally send PGP messages as
content-type text/plain for broken mail clients like nmh and Eudora,
so I have integrated both into a single patch.  

It applies against mutt-1.2.5i; I haven't tested it against others,
but I suspect it should work fine.

http://positron.mit.edu/pub/plaintextappend.patch
ftp://positron.mit.edu/pub/plaintextappend.patch

--
Riad Wahby
rswat_private
MIT VI-2/A 2002

5105

Next message: SDL Office: "Fw: Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit"
Previous message: joshuaat_private: "Re: Anonymized"
Next in thread: Tollef Fog Heen: "Re: crypto flaw in secure mail standards"
Reply: Tollef Fog Heen: "Re: crypto flaw in secure mail standards"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jun 24 2001 - 10:31:17 PDT