crypto flaw in secure mail standards

James M Galvin galvin at
Fri Jun 22 17:32:12 EDT 2001

On Fri, 22 Jun 2001, Jeffrey I. Schiller wrote:
    But there isn't a flaw in secure e-mail, just a missing service.

To put it another way, Don has identified the difference in what
non-repudiation frequently means to an engineer/technologist and what it
means to a lawyer/business.  The missing element is "timeliness".

Public key cryptography, or naive signing as Don was calling it, does
not in and of itself solve the non-repudiation problem.  It is certainly
an assertion as to the origin of whatever is signed but it asserts
nothing regarding the context of whatever is signed, of which timeliness
is essential.

I'd have to go back and look to be sure but it seems to me we got this
distinction right in our email standards; we were careful to state that
the signature identifies the origin of the message and that is all.

That hardly makes our secure email protocols *flawed*, although perhaps
they are easy to use incorrectly.  On the other hand, they all talk
about the object to be signed, which could just as easily be the entire
original message instead of just its content, which assuming suitable
To:, Cc:, Date:, and Subject: headers would solve the issue at hand.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list