GPG PGP S/Mime vulnerability

[Julia A. Case]

--GvXjxJ+pjyke8COw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Quoting Anthony E. Greene (agreene@pobox.com):
> I think he means the From, To, Date, and Subject headers, all of which are
> known to the mail client at the time of composition. If mail clients
> inserted this data into the message before calling PGP, that would be an
> automated solution to the problem, assuming these headers had enough
> specific information to be of any help.
>=20

I'm still to sure this would work well, I mean do you require that the=20
From: address match one of the addresses in the signing key?  The=20
previously indicated methods of making sure you don't sign ambigous mails=
=20
seems the better choice.

Julia

--=20
[  Julia Anne Case  ] [        Ships are safe inside the harbor,       ]
[Programmer at large] [      but is that what ships are really for.    ]
[   Admining Linux  ] [           To thine own self be true.           ]
[ Windows/WindowsNT ] [ Fair is where you take your cows to be judged. ]

--GvXjxJ+pjyke8COw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7coMX4HhEM0IT+S4RAvTxAJ0RsUrHyAWKNckgBhfavlryb9ZQjACfXJ+u
64kxRMIEf38v0QEVdeCkGZA=
=MJ7I
-----END PGP SIGNATURE-----

--GvXjxJ+pjyke8COw--