[messaging] Advertising public key in email (was: TOFU to ease PGP key discovery)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Feb 12 17:45:30 PST 2015
Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
>This is indeed the "janky MDC thing" Tom is talking about.
>
>from the spec:
>
> The body of this packet consists of:
>
> - A 20-octet SHA-1 hash of the preceding plaintext data of the
> Symmetrically Encrypted Integrity Protected Data packet,
> including prefix data, the tag octet, and length octet of the
> Modification Detection Code packet.
Just as a data point, CMS (S/MIME) also has an integrity-protection option,
but it uses encrypt-then-MAC, and also MACs the metadata associated with the
encrypted data (the IV and other information). If OpenPGP were updated to do
MDC a bit better, I'd vote for an EtM mechanism to replace the current MDC
hack.
Peter.
More information about the Messaging
mailing list