The Call of the Open Sidewalk

From a place slightly to the side of the more popular path


pgpfan:authenticated

Differences

This shows you the differences between two versions of the page.

pgpfan:authenticated [2022/09/26 17:09] – Link to new editorial b.walzer
pgpfan:authenticated [2023/02/28 16:46] (current) – new point b.walzer
Line 20: Line 20:
  
 Offline applications are by nature stateless with no reverse channel available. A message is created and sent off over a network. A file is created and stored to some sort of media. So there is no concept or possibility of an ongoing connection. It is simplest to just cryptographically sign the content directly so this is how OpenPGP does it. As a result, OpenPGP does not need any sort of AE when used in the usual way. Offline applications are by nature stateless with no reverse channel available. A message is created and sent off over a network. A file is created and stored to some sort of media. So there is no concept or possibility of an ongoing connection. It is simplest to just cryptographically sign the content directly so this is how OpenPGP does it. As a result, OpenPGP does not need any sort of AE when used in the usual way.
 +
 +Suppose we decided we wanted to do things in the more complicated connection oriented way anyway. Since we would be authenticating the connection, not the message/document/file, that would mean that the recipients of our message/document/file would be able to trivially forge our signature. Fixing this would involve more extra complexity on top of the existing extra complexity. So, again, OpenPGP is doing things in the optimal way. 
  
 OpenPGP supporting systems are sometimes called on to support the case of unsigned (anonymous) messages/files. An anonymous message/file can come from anywhere and be sent by anyone. If that person is up to no good and is hoping to mislead you or attack your end point they can just do that. If there is a requirement for AE they will just produce valid AE. There is no need to modify a message when they are creating the message in the first place. AE as most people understand it is pointless for messaging/file encryption when there is no authentication to begin with. OpenPGP supporting systems are sometimes called on to support the case of unsigned (anonymous) messages/files. An anonymous message/file can come from anywhere and be sent by anyone. If that person is up to no good and is hoping to mislead you or attack your end point they can just do that. If there is a requirement for AE they will just produce valid AE. There is no need to modify a message when they are creating the message in the first place. AE as most people understand it is pointless for messaging/file encryption when there is no authentication to begin with.
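Review bot: The added paragraph asserts that recipients "would be able to trivially forge our signature" without saying why that follows from authenticating the connection instead of the message/document/file. Add the missing step in a clause, since the closing claim that "OpenPGP is doing things in the optimal way" rests on it. Two wording points in the same paragraph: "connection oriented" should be hyphenated as a compound modifier, and "more extra complexity on top of the existing extra complexity" would read better if it named what the fix would involve.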
pgpfan/authenticated.txt · Last modified: 2023/02/28 16:46 by b.walzer