[messaging] Advertising public key in email (was: TOFU to ease PGP key discovery)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Feb 12 17:45:30 PST 2015

Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:

>This is indeed the "janky MDC thing" Tom is talking about.
>from the spec:
>  The body of this packet consists of:
>     - A 20-octet SHA-1 hash of the preceding plaintext data of the
>       Symmetrically Encrypted Integrity Protected Data packet,
>       including prefix data, the tag octet, and length octet of the
>       Modification Detection Code packet.

Just as a data point, CMS (S/MIME) also has an integrity-protection option,
but it uses encrypt-then-MAC, and also MACs the metadata associated with the
encrypted data (the IV and other information).  If OpenPGP were updated to do
MDC a bit better, I'd vote for an EtM mechanism to replace the current MDC


More information about the Messaging mailing list