PGP: sequencing messages

Sat, 08 Apr 2000 21:14:31 -0300 (ADT)

On Mon, 10 Apr 2000 17:32:51 +0000, John Drabik wrote:

>I don't see how.  The issue involves both electronic and paper e-mail
>returns, and it would only be necessary to miss one space or tab
>character, and the whole thing is off.  Second, it doesn't allow

Oh, I didn't know you had to visually inspect paper copies of the
email. You're right that may make it a bit cumbersome to use PGP
signatures. However, they're unique enough that you could probably
search for a PGP signature as quickly as you could search for any
unique ID you personally dream up.

For example:

Case 1:
You send your messages with your own scheme of IDs, say something
like "Bob109r22" appears in the email somewhere to tell you you sent
it to Bob.

Case 2:
Or suppose you send your message with the line "Dear Bob," in it and
you PGP sign it. The unique identifier in this case will be the PGP
signature which will be similar to something like this:

Suppose these two messages both got printed out and returned to you.
How can you quickly find to whom and when they were sent?

Case 1:
You would probably open PMMail/2, click "Tools->Search Messages",
enter the search string "Bob109r22", select the appropriate folder
(probably sent messages or something) and hit the search button. A
few seconds later you'd get a match indicating the original email.

Case 2:
You would probably open PMMail/2, click "Tools->Search Messages",
enter *any* search string contained in the PGP signtuare, such as
"QMYIYxI5h" (I just grabbed a section from the middle at random),
select the appropriate folder (probably sent messages or something)
and hit the search button. A few seconds later you'd get a match
indicating the original email. Then you open the email and verify by
a quick glance that the PGP signature is the one on the hard copy.
It's *EXTREMELY* unlikely that two PGP signatures would be similar
enough that a few seconds glance wouldn't reveal it.

Net difference in time: probably 2 seconds. Worst case: the string
you enter for the PGP signature might appear in a few emails you've
sent. All them might be listed in the search results and you would
have to open a few messages instead of just one to verify which was
the real original.

>rapid lookup - you have to get the message, strip comments or >
>markers, and then recompute the PGP signature, *without* sending the
>message, and then compare the results to some archive.  The last

I'm not sure what you're talking about here. Probably since I don't
understand the full intended purpose it's just not clear to me.

PMMail/2 automates most PGP signature operations such as signature
verifying. If a message was modified (by adding comments or reply
markers) I thought the point was that you wanted to be able to
immediately tell. PMMail/2 would automatically tell you either a) the
message isn't signed (i.e. the signature has been removed) or b) the
signature is invalid (i.e. the signature remains but the message has
been modified somehow).

In either case your stated requirement of knowing the message was
*NOT* an original sent by *YOU* is met.

If neither of these is the case (the signature remains and is valid)
it will immediately tell you who it was signed by (presumably you)
and when. It's as simple as that.

Is there any scenario I'm leaving out?

>point is that it is impossible to "individualize" a message when sent
>as a group (i.e., send the same message to several people), because
>there is no individual ID anywhere in the message.

You mean send a message like this?

  To: Bob, Joan, Frank, Ralph
  Subject: Job offer

  Hi. I'd like to offer you a job.
  (secret ID: af441gaabhgh)

Yes, in this case it would be impossible to later tell who forwarded
this message since they all had a copy.

This is 100% the same problem regardless of whether you use PGP
signatures or your own unique ID system. Whether you use PGP
signatures or not, you *must* generate some unique information in
each message and send them one at a time to the recipients if you
ever want to know who might have later forwarded it.

You can generate these unique IDs yourself based on some algorithm
and REXX script you write, or you can let PGP do it for you
automatically and (probably) millions of times more securely than you
can ever achieve otherwise.

Again, I'd recommend something dead simple like this:

(message 1)
  To: Bob
  Subject: Job offer

  Hi Bob. I'd like to offer you a job.

(message 2)
  To: Joan
  Subject: Job offer

  Hi Joan. I'd like to offer you a job.

(etc.)
PGP sign each message and you've got a foolproof method.

Shrug.

>I'd argue that point.  How is one to get a message back, do a
>foolproof strip, and regenerate the PGP signature easily?  And if the

I'm still not sure I follow you here. Again, PMMail/2 should handle
all the mechanics of PGP signature verification for you. A message
comes in and PMMail/2 automatically tells you who it was signed by
and when -OR- it tells you it was not signed or that the signature is
unknown or invalid.

Period.

No stripping, computing or intervention invovled on your part.

Anyway, I get the impression you're pretty much decided against PGP
signing and that's fine. It is your application after all. I think it
would be by far the simplest and most secure solution, but like I
said, I don't know the full details of what you're doing so I could
easily be missing something.

If you really wanted, I'd be happy (it would be fun) to set up some
form emails with the system I suggest and send them to you. You could
then do anything you can imagine someone else doing to try to "trick"
me with them and I could tell you if you succeed and how much effort
it took me to verify things.

-- 
 Trevor Smith          |          trevor@haligonian.com
 PGP public key available at: www.haligonian.com/trevor

PGP Public Key Fingerprint= A68C C4EC C163 5C0A 6CFA  671F 05D4 0B30 318B AFD6