Re: Clarification of challenge to Joseph Ashwood:

2002-11-03 Thread James A. Donald 
--
Joseph Ashwood:
So it's going to be broken by design. These are 
critical errors that will eliminate any semblance of 
security in your program.

James A. Donald:
I challenge you to fool my canonicalization algorithm by 
modifying a message to as to change the apparent meaning 
while preserving the signature, or  by producing a 
message that verifies as signed by me, while in fact a 
meaningfully different message to any that was genuinely 
signed by me.

Joseph Ashwood:
 That's easy, remember that you didn't limit the challenge to 
 text files. It should be a fairly simple matter to create a 
 JPEG file with a number of 0xA0 and 0x20 bytes, by simply 
 swapping the value of those byte one can create a file that 
 will pass your verification, but will obviously be corrupt. 
 Your canonicalization is clearly and fatally flawed.

If so easy, do it.

   Joseph Ashwood must produce a message that is meaningfully 
   different from any of the numerous messages that I have 
   sent to cypherpunks, but which verifies as sent by the 
   same person who sent past messages.
 
  Thus for Kong to be broken one must store a past message 
  from that proflic poster supposed called James Donald, in 
  the Kong database, and bring up a new message hacked up by 
  Joseph Ashwood, and have Kong display in the signature 
  verification screen

Joseph Ashwood:
 To verify that I would of course have to download and install 
 Kong,

In other words, you are blowing smoke, and know full well you
are blowing smoke. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 H1Nbd40fMEd0QoHFng2hEcuA2a/BP07ab+GOBowZ
 4HIcNbSdMF02EWVm52VJqtj0Jas+Wmq/SZ/UyT0uq

Re: Clarification of challenge to Joseph Ashwood:

2002-11-03 Thread Joseph Ashwood 
Sorry, I didn't bother reading the first message, and I won't bother reading
any of the messages further in this thread either. Kong lacks critical
functionality, and is fatally insecure for a wide variety of uses, in short
it is beyond worthless, ranging into being a substantial risk to the
security of anyone/group that makes use of it.

- Original Message -
From: James A. Donald [EMAIL PROTECTED]
Subject:  Clarification of challenge to Joseph Ashwood:


 Joseph Ashwood:
   So it's going to be broken by design. These are critical
   errors that will eliminate any semblance of security in
   your program.

 James A. Donald:
   I challenge you to fool my canonicalization algorithm by
   modifying a message to as to  change the apparent meaning
   while preserving the signature, or  by producing a message
   that verifies as signed by me, while in fact a meaningfully
   different message to any that was genuinely  signed by me.

That's easy, remember that you didn't limit the challenge to text files. It
should be a fairly simple matter to create a JPEG file with a number of 0xA0
and 0x20 bytes, by simply swapping the value of those byte one can create a
file that will pass your verification, but will obviously be corrupt. Your
canonicalization is clearly and fatally flawed.

 Three quarters of the user hostility of other programs comes
 from their attempt to support true names, and the rest comes
 from the cleartext signature problem.  Kong fixes both
 problems.

Actually Kong pretends the first problem doesn't exist, and corrects the
second one in such a way as to make it fatally broken.

  Joseph Ashwood must produce a message that is meaningfully
  different from any of the numerous messages that I have sent
  to cypherpunks, but which verifies as sent by the same person
  who sent past messages.

 Thus for Kong to be broken one must store a past message from
 that proflic poster supposed called James Donald, in the Kong
 database, and bring up a new message hacked up by Joseph
 Ashwood, and have Kong display in the signature verification
 screen

To verify that I would of course have to download and install Kong,
something that I will never do, I don't install software I already know is
broken, and fails to address even the most basic of problems.
Joe

Re: Clarification of challenge to Joseph Ashwood:

2002-11-03 Thread James A. Donald 
--
Joseph Ashwood:
So it's going to be broken by design. These are 
critical errors that will eliminate any semblance of 
security in your program.

James A. Donald:
I challenge you to fool my canonicalization algorithm by 
modifying a message to as to change the apparent meaning 
while preserving the signature, or  by producing a 
message that verifies as signed by me, while in fact a 
meaningfully different message to any that was genuinely 
signed by me.

Joseph Ashwood:
 That's easy, remember that you didn't limit the challenge to 
 text files. It should be a fairly simple matter to create a 
 JPEG file with a number of 0xA0 and 0x20 bytes, by simply 
 swapping the value of those byte one can create a file that 
 will pass your verification, but will obviously be corrupt. 
 Your canonicalization is clearly and fatally flawed.

If so easy, do it.

   Joseph Ashwood must produce a message that is meaningfully 
   different from any of the numerous messages that I have 
   sent to cypherpunks, but which verifies as sent by the 
   same person who sent past messages.
 
  Thus for Kong to be broken one must store a past message 
  from that proflic poster supposed called James Donald, in 
  the Kong database, and bring up a new message hacked up by 
  Joseph Ashwood, and have Kong display in the signature 
  verification screen

Joseph Ashwood:
 To verify that I would of course have to download and install 
 Kong,

In other words, you are blowing smoke, and know full well you
are blowing smoke. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 H1Nbd40fMEd0QoHFng2hEcuA2a/BP07ab+GOBowZ
 4HIcNbSdMF02EWVm52VJqtj0Jas+Wmq/SZ/UyT0uq

Clarification of challenge to Joseph Ashwood:

2002-11-02 Thread James A. Donald 
--
James A. Donald: (ranting on the user hostility of PGP)
   Presumably the theory underlying this brilliant design
   decision was that in the bad old days, a [signed clear
   text file signed] under unix would not verify under
   windows because of trivial differences such as the fact
   the whitespace is expressed slightly differently.
  
   Here is a better fix, one that I implemented in Kong:
   Define several signature types with the default signature
   type ignoring those aspects of the message that are
   difficult for the user to notice, so that if a message
   looks pretty much the same to the user, it has the same
   signature, by, for example, canonicalizing whitespace and
   single line breaks, and treating the hard space (0xA0)
   the same as the soft space. (0x20), and so on and so
   forth.

Joseph Ashwood:
  So it's going to be broken by design. These are critical
  errors that will eliminate any semblance of security in
  your program.

James A. Donald:
  I challenge you to fool my canonicalization algorithm by
  modifying a message to as to  change the apparent meaning
  while preserving the signature, or  by producing a message
  that verifies as signed by me, while in fact a meaningfully
  different message to any that was genuinely  signed by me.

 Let see you doing some work to back up your empty words.
 The source code for my canonicalization code is on the net. 
 If you say it is broken, break it!

To clarify, Kong works by checking a signature against the
message, and against other messages in its database.

Its job is not to identify the true James Donald, but to keep
the different people claiming to be James Donald clearly
separated.  Thus Kong would be broken if such separation could
be obfuscated or confused.

Any program attempting to determine whether Bob is someone's
true name is attempting to do something that computers cannot
do, hence the intolerable certificate management problems of
software that attempts to do that.

Three quarters of the user hostility of other programs comes
from their attempt to support true names, and the rest comes
from the cleartext signature problem.  Kong fixes both
problems.

 Joseph Ashwood must produce a message that is meaningfully
 different from any of the numerous messages that I have sent
 to cypherpunks, but which verifies as sent by the same person
 who sent past messages.

Thus for Kong to be broken one must store a past message from
that proflic poster supposed called James Donald, in the Kong
database, and bring up a new message hacked up by Joseph
Ashwood, and have Kong display in the signature verification
screen

The signature in this document matches the signature on
another document signed by James A. Donald.  Do you
wish to view this document.

While Kong display a document meaningfully different from any
that was posted by James A.  Donald. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH
 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO

Clarification of challenge to Joseph Ashwood:

2002-10-01 Thread James A. Donald 

--
James A. Donald: (ranting on the user hostility of PGP)
   Presumably the theory underlying this brilliant design
   decision was that in the bad old days, a [signed clear
   text file signed] under unix would not verify under
   windows because of trivial differences such as the fact
   the whitespace is expressed slightly differently.
  
   Here is a better fix, one that I implemented in Kong:
   Define several signature types with the default signature
   type ignoring those aspects of the message that are
   difficult for the user to notice, so that if a message
   looks pretty much the same to the user, it has the same
   signature, by, for example, canonicalizing whitespace and
   single line breaks, and treating the hard space (0xA0)
   the same as the soft space. (0x20), and so on and so
   forth.

Joseph Ashwood:
  So it's going to be broken by design. These are critical
  errors that will eliminate any semblance of security in
  your program.

James A. Donald:
  I challenge you to fool my canonicalization algorithm by
  modifying a message to as to  change the apparent meaning
  while preserving the signature, or  by producing a message
  that verifies as signed by me, while in fact a meaningfully
  different message to any that was genuinely  signed by me.

 Let see you doing some work to back up your empty words.
 The source code for my canonicalization code is on the net. 
 If you say it is broken, break it!

To clarify, Kong works by checking a signature against the
message, and against other messages in its database.

Its job is not to identify the true James Donald, but to keep
the different people claiming to be James Donald clearly
separated.  Thus Kong would be broken if such separation could
be obfuscated or confused.

Any program attempting to determine whether Bob is someone's
true name is attempting to do something that computers cannot
do, hence the intolerable certificate management problems of
software that attempts to do that.

Three quarters of the user hostility of other programs comes
from their attempt to support true names, and the rest comes
from the cleartext signature problem.  Kong fixes both
problems.

 Joseph Ashwood must produce a message that is meaningfully
 different from any of the numerous messages that I have sent
 to cypherpunks, but which verifies as sent by the same person
 who sent past messages.

Thus for Kong to be broken one must store a past message from
that proflic poster supposed called James Donald, in the Kong
database, and bring up a new message hacked up by Joseph
Ashwood, and have Kong display in the signature verification
screen

The signature in this document matches the signature on
another document signed by James A. Donald.  Do you
wish to view this document.

While Kong display a document meaningfully different from any
that was posted by James A.  Donald. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH
 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO

Clarification of challenge to Joseph Ashwood:

2002-09-30 Thread James A. Donald 

--
James A. Donald: (ranting on the user hostility of PGP)
   Presumably the theory underlying this brilliant design
   decision was that in the bad old days, a [signed clear
   text file signed] under unix would not verify under
   windows because of trivial differences such as the fact
   the whitespace is expressed slightly differently.
  
   Here is a better fix, one that I implemented in Kong:
   Define several signature types with the default signature
   type ignoring those aspects of the message that are
   difficult for the user to notice, so that if a message
   looks pretty much the same to the user, it has the same
   signature, by, for example, canonicalizing whitespace and
   single line breaks, and treating the hard space (0xA0)
   the same as the soft space. (0x20), and so on and so
   forth.

Joseph Ashwood:
  So it's going to be broken by design. These are critical
  errors that will eliminate any semblance of security in
  your program.

James A. Donald:
  I challenge you to fool my canonicalization algorithm by
  modifying a message to as to  change the apparent meaning
  while preserving the signature, or  by producing a message
  that verifies as signed by me, while in fact a meaningfully
  different message to any that was genuinely  signed by me.

 Let see you doing some work to back up your empty words.
 The source code for my canonicalization code is on the net. 
 If you say it is broken, break it!

To clarify, Kong works by checking a signature against the
message, and against other messages in its database.

Its job is not to identify the true James Donald, but to keep
the different people claiming to be James Donald clearly
separated.  Thus Kong would be broken if such separation could
be obfuscated or confused.

Any program attempting to determine whether Bob is someone's
true name is attempting to do something that computers cannot
do, hence the intolerable certificate management problems of
software that attempts to do that.

Three quarters of the user hostility of other programs comes
from their attempt to support true names, and the rest comes
from the cleartext signature problem.  Kong fixes both
problems.

 Joseph Ashwood must produce a message that is meaningfully
 different from any of the numerous messages that I have sent
 to cypherpunks, but which verifies as sent by the same person
 who sent past messages.

Thus for Kong to be broken one must store a past message from
that proflic poster supposed called James Donald, in the Kong
database, and bring up a new message hacked up by Joseph
Ashwood, and have Kong display in the signature verification
screen

The signature in this document matches the signature on
another document signed by James A. Donald.  Do you
wish to view this document.

While Kong display a document meaningfully different from any
that was posted by James A.  Donald. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 gQcEhL/Zl68mNm0WaeG7zRK5M+/3qbaE0t84hURH
 4st/8mhjCyBBCy1Ganf3ud6SNdzLZtUChQQbTA6SO