-- James A. Donald: (ranting on the user hostility of PGP) > > > Presumably the theory underlying this brilliant design > > > decision was that in the bad old days, a [signed clear > > > text file signed] under unix would not verify under > > > windows because of trivial differences such as the fact > > > the whitespace is expressed slightly differently. > > > > > > Here is a better fix, one that I implemented in Kong: > > > Define several signature types with the default signature > > > type ignoring those aspects of the message that are > > > difficult for the user to notice, so that if a message > > > looks pretty much the same to the user, it has the same > > > signature, by, for example, canonicalizing whitespace and > > > single line breaks, and treating the hard space (0xA0) > > > the same as the soft space. (0x20), and so on and so > > > forth.
Joseph Ashwood: > > So it's going to be broken by design. These are critical > > errors that will eliminate any semblance of security in > > your program. James A. Donald: > I challenge you to fool my canonicalization algorithm by > modifying a message to as to change the apparent meaning > while preserving the signature, or by producing a message > that verifies as signed by me, while in fact a meaningfully > different message to any that was genuinely signed by me. > > Let see you doing some work to back up your empty words. > The source code for my canonicalization code is on the net. > If you say it is broken, break it! To clarify, Kong works by checking a signature against the message, and against other messages in its database. Its job is not to identify the "true" James Donald, but to keep the different people claiming to be James Donald clearly separated. Thus Kong would be broken if such separation could be obfuscated or confused. Any program attempting to determine whether "Bob" is someone's true name is attempting to do something that computers cannot do, hence the intolerable certificate management problems of software that attempts to do that. Three quarters of the user hostility of other programs comes from their attempt to support "true" names, and the rest comes from the cleartext signature problem. Kong fixes both problems. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be "broken" one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen The signature in this document matches the signature on another document signed by James A. Donald. Do you wish to view this document. While Kong display a document meaningfully different from any that was posted by James A. Donald. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO