-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 27/03/14 14:53, Daniel Kahn Gillmor wrote: > For the read-only document-sharing use case, you could stuff the > public signing key inside the encrypted body, in addition to the > signed cleartext. There's no need for it to be out-of-band except > for bandwidth conservation, but a minimal OpenPGP certificate > (mainkey+uid+selfsig, or mainkey+uid+selfsig+signingsubkey+selfsig > at worst) isn't going to be too terribly large compared to most > files.
This would require prior out-of-band delivery of some other public key that would sign the key stuffed into the file, right? Otherwise an attacker could modify the body, sign it with her own private key, and stuff her own public key into the file. All I'm really saying here is that OpenPGP isn't the right tool for this job because it lacks MACs. It wasn't meant to be an important point, just an aside. Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCAAGBQJTNGJuAAoJEBEET9GfxSfMnJ0H+wbpjyO+uRb/B1B9GAlnHtxB JWecDnf+L2iZfKNfndKRPlKzvJ8/cspAqJEDrqu2H+GvDGW6gC3FPJKZpqRTV6k3 Y4c+1SLuEMMG1dL4GyEM7lVBcrO6VB9hMUr9Z4nvRIhsmkL0l+ffn+nc4pfxUF6Q /Md07r8DQL737g2jV2Qreb6aFXRbW8DUPo+OiuC/AcRXkZTFa6HuCPPWWyOzNkSF hBmeUd7ZqF1qWL/b4CJjF5wcsBAzubLlLCtSmolysoBrFIvT1KH85zAHvkdQ3lKa jxdsn8huhTw1Ip2UawhIrqhFz0XO1suBHwdf83ovh0eu7yXvAsVoyLyY/o+4zEM= =Hfed -----END PGP SIGNATURE----- _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
