--
James A. Donald: (ranting on the user hostility of PGP)
> > > Presumably the theory underlying this brilliant design
> > > decision was that in the bad old days, a [signed clear
> > > text file signed] under unix would not verify under
> > > windows because of trivial differences such as the fact
> > > the whitespace is expressed slightly differently.
> > >
> > > Here is a better fix, one that I implemented in Kong:
> > > Define several signature types with the default signature
> > > type ignoring those aspects of the message that are
> > > difficult for the user to notice, so that if a message
> > > looks pretty much the same to the user, it has the same
> > > signature, by, for example, canonicalizing whitespace and
> > > single line breaks, and treating the hard space (0xA0)
> > > the same as the soft space. (0x20), and so on and so
> > > forth.
Joseph Ashwood:
> > So it's going to be broken by design. These are critical
> > errors that will eliminate any semblance of security in
> > your program.
James A. Donald:
> I challenge you to fool my canonicalization algorithm by
> modifying a message to as to change the apparent meaning
> while preserving the signature, or by producing a message
> that verifies as signed by me, while in fact a meaningfully
> different message to any that was genuinely signed by me.
>
> Let see you doing some work to back up your empty words.
> The source code for my canonicalization code is on the net.
> If you say it is broken, break it!
To clarify, Kong works by checking a signature against the
message, and against other messages in its database.
Its job is not to identify the "true" James Donald, but to keep
the different people claiming to be James Donald clearly
separated. Thus Kong would be broken if such separation could
be obfuscated or confused.
Any program attempting to determine whether "Bob" is someone's
true name is attempting to do something that computers cannot
do, hence the intolerable certificate management problems of
software that attempts to do that.
Three quarters of the user hostility of other programs comes
from their attempt to support "true" names, and the rest comes
from the cleartext signature problem. Kong fixes both
problems.
Joseph Ashwood must produce a message that is meaningfully
different from any of the numerous messages that I have sent
to cypherpunks, but which verifies as sent by the same person
who sent past messages.
Thus for Kong to be "broken" one must store a past message from
that proflic poster supposed called James Donald, in the Kong
database, and bring up a new message hacked up by Joseph
Ashwood, and have Kong display in the signature verification
screen
The signature in this document matches the signature on
another document signed by James A. Donald. Do you
wish to view this document.
While Kong display a document meaningfully different from any
that was posted by James A. Donald.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH
4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO
