Re: Clarification of challenge to Joseph Ashwood:
-- Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. Joseph Ashwood: That's easy, remember that you didn't limit the challenge to text files. It should be a fairly simple matter to create a JPEG file with a number of 0xA0 and 0x20 bytes, by simply swapping the value of those byte one can create a file that will pass your verification, but will obviously be corrupt. Your canonicalization is clearly and fatally flawed. If so easy, do it. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen Joseph Ashwood: To verify that I would of course have to download and install Kong, In other words, you are blowing smoke, and know full well you are blowing smoke. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG H1Nbd40fMEd0QoHFng2hEcuA2a/BP07ab+GOBowZ 4HIcNbSdMF02EWVm52VJqtj0Jas+Wmq/SZ/UyT0uq
Re: Clarification of challenge to Joseph Ashwood:
Sorry, I didn't bother reading the first message, and I won't bother reading any of the messages further in this thread either. Kong lacks critical functionality, and is fatally insecure for a wide variety of uses, in short it is beyond worthless, ranging into being a substantial risk to the security of anyone/group that makes use of it. - Original Message - From: James A. Donald [EMAIL PROTECTED] Subject: Clarification of challenge to Joseph Ashwood: Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. That's easy, remember that you didn't limit the challenge to text files. It should be a fairly simple matter to create a JPEG file with a number of 0xA0 and 0x20 bytes, by simply swapping the value of those byte one can create a file that will pass your verification, but will obviously be corrupt. Your canonicalization is clearly and fatally flawed. Three quarters of the user hostility of other programs comes from their attempt to support true names, and the rest comes from the cleartext signature problem. Kong fixes both problems. Actually Kong pretends the first problem doesn't exist, and corrects the second one in such a way as to make it fatally broken. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen To verify that I would of course have to download and install Kong, something that I will never do, I don't install software I already know is broken, and fails to address even the most basic of problems. Joe
Re: Clarification of challenge to Joseph Ashwood:
-- Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. Joseph Ashwood: That's easy, remember that you didn't limit the challenge to text files. It should be a fairly simple matter to create a JPEG file with a number of 0xA0 and 0x20 bytes, by simply swapping the value of those byte one can create a file that will pass your verification, but will obviously be corrupt. Your canonicalization is clearly and fatally flawed. If so easy, do it. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen Joseph Ashwood: To verify that I would of course have to download and install Kong, In other words, you are blowing smoke, and know full well you are blowing smoke. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG H1Nbd40fMEd0QoHFng2hEcuA2a/BP07ab+GOBowZ 4HIcNbSdMF02EWVm52VJqtj0Jas+Wmq/SZ/UyT0uq
Clarification of challenge to Joseph Ashwood:
-- James A. Donald: (ranting on the user hostility of PGP) Presumably the theory underlying this brilliant design decision was that in the bad old days, a [signed clear text file signed] under unix would not verify under windows because of trivial differences such as the fact the whitespace is expressed slightly differently. Here is a better fix, one that I implemented in Kong: Define several signature types with the default signature type ignoring those aspects of the message that are difficult for the user to notice, so that if a message looks pretty much the same to the user, it has the same signature, by, for example, canonicalizing whitespace and single line breaks, and treating the hard space (0xA0) the same as the soft space. (0x20), and so on and so forth. Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. Let see you doing some work to back up your empty words. The source code for my canonicalization code is on the net. If you say it is broken, break it! To clarify, Kong works by checking a signature against the message, and against other messages in its database. Its job is not to identify the true James Donald, but to keep the different people claiming to be James Donald clearly separated. Thus Kong would be broken if such separation could be obfuscated or confused. Any program attempting to determine whether Bob is someone's true name is attempting to do something that computers cannot do, hence the intolerable certificate management problems of software that attempts to do that. Three quarters of the user hostility of other programs comes from their attempt to support true names, and the rest comes from the cleartext signature problem. Kong fixes both problems. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen The signature in this document matches the signature on another document signed by James A. Donald. Do you wish to view this document. While Kong display a document meaningfully different from any that was posted by James A. Donald. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO
Clarification of challenge to Joseph Ashwood:
-- James A. Donald: (ranting on the user hostility of PGP) Presumably the theory underlying this brilliant design decision was that in the bad old days, a [signed clear text file signed] under unix would not verify under windows because of trivial differences such as the fact the whitespace is expressed slightly differently. Here is a better fix, one that I implemented in Kong: Define several signature types with the default signature type ignoring those aspects of the message that are difficult for the user to notice, so that if a message looks pretty much the same to the user, it has the same signature, by, for example, canonicalizing whitespace and single line breaks, and treating the hard space (0xA0) the same as the soft space. (0x20), and so on and so forth. Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. Let see you doing some work to back up your empty words. The source code for my canonicalization code is on the net. If you say it is broken, break it! To clarify, Kong works by checking a signature against the message, and against other messages in its database. Its job is not to identify the true James Donald, but to keep the different people claiming to be James Donald clearly separated. Thus Kong would be broken if such separation could be obfuscated or confused. Any program attempting to determine whether Bob is someone's true name is attempting to do something that computers cannot do, hence the intolerable certificate management problems of software that attempts to do that. Three quarters of the user hostility of other programs comes from their attempt to support true names, and the rest comes from the cleartext signature problem. Kong fixes both problems. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen The signature in this document matches the signature on another document signed by James A. Donald. Do you wish to view this document. While Kong display a document meaningfully different from any that was posted by James A. Donald. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO
Clarification of challenge to Joseph Ashwood:
-- James A. Donald: (ranting on the user hostility of PGP) Presumably the theory underlying this brilliant design decision was that in the bad old days, a [signed clear text file signed] under unix would not verify under windows because of trivial differences such as the fact the whitespace is expressed slightly differently. Here is a better fix, one that I implemented in Kong: Define several signature types with the default signature type ignoring those aspects of the message that are difficult for the user to notice, so that if a message looks pretty much the same to the user, it has the same signature, by, for example, canonicalizing whitespace and single line breaks, and treating the hard space (0xA0) the same as the soft space. (0x20), and so on and so forth. Joseph Ashwood: So it's going to be broken by design. These are critical errors that will eliminate any semblance of security in your program. James A. Donald: I challenge you to fool my canonicalization algorithm by modifying a message to as to change the apparent meaning while preserving the signature, or by producing a message that verifies as signed by me, while in fact a meaningfully different message to any that was genuinely signed by me. Let see you doing some work to back up your empty words. The source code for my canonicalization code is on the net. If you say it is broken, break it! To clarify, Kong works by checking a signature against the message, and against other messages in its database. Its job is not to identify the true James Donald, but to keep the different people claiming to be James Donald clearly separated. Thus Kong would be broken if such separation could be obfuscated or confused. Any program attempting to determine whether Bob is someone's true name is attempting to do something that computers cannot do, hence the intolerable certificate management problems of software that attempts to do that. Three quarters of the user hostility of other programs comes from their attempt to support true names, and the rest comes from the cleartext signature problem. Kong fixes both problems. Joseph Ashwood must produce a message that is meaningfully different from any of the numerous messages that I have sent to cypherpunks, but which verifies as sent by the same person who sent past messages. Thus for Kong to be broken one must store a past message from that proflic poster supposed called James Donald, in the Kong database, and bring up a new message hacked up by Joseph Ashwood, and have Kong display in the signature verification screen The signature in this document matches the signature on another document signed by James A. Donald. Do you wish to view this document. While Kong display a document meaningfully different from any that was posted by James A. Donald. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO