pgpfan:legends
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| pgpfan:legends [2024/03/13 18:35] – Yet another try at a clear argument. b.walzer | pgpfan:legends [2024/05/02 13:27] (current) – [Misleading Legends Caused by EFAIL] This needs a good analogy b.walzer | ||
|---|---|---|---|
| Line 73: | Line 73: | ||
| So if you want to, say, prevent EFAIL, then if you want to support messages without modification detection you will have to take an approach that does not depend on such detection. For example, you could take into account the modification detection provided by a signature. It makes no difference to the implementation if the format was originally modification detecting and someone changed it along the way. The implications are the same. So in a very real sense, the fact that it might be possible to transmogrify a message with modification detection to one without is irrelevant to the discussion of security in the OpenPGP case. | So if you want to, say, prevent EFAIL, then if you want to support messages without modification detection you will have to take an approach that does not depend on such detection. For example, you could take into account the modification detection provided by a signature. It makes no difference to the implementation if the format was originally modification detecting and someone changed it along the way. The implications are the same. So in a very real sense, the fact that it might be possible to transmogrify a message with modification detection to one without is irrelevant to the discussion of security in the OpenPGP case. | ||
| + | |||
| + | Amazon might send you a toaster instead of a replacement lock. That doesn' | ||
| =====A Legend From the EFAIL Publicity Page===== | =====A Legend From the EFAIL Publicity Page===== | ||
pgpfan/legends.txt · Last modified: 2024/05/02 13:27 by b.walzer