Stefan Suurmeijer wrote:
Check out the gnupg discussion lists. The addresses can be found at www.gnupg.org. On the first line you can also find the following:
--> Snip GnuPG is not vulnerable to the faked ARR (aka ADK) attack as PGP 5 and 6 is. The reason for this is that GnuPG does intentionally not handle those "additional recipients requests". BTW, those Big Brother packets are not defined in the OpenPGP standard - they are a proprietary PGP extension. --> Snap
Yes, I DID check out the gnupg develop maillist.
Please correct me if I make a mistake, but I come to the following
conclusion:
gpg might be secure, but if anybody uses an insecure pgp-descendant to
encode to my public key, the ciphertext is not necessarily secure,
because
somebody might have inserted an ADK into my public key.
The possibility to modify signed keys seems to have dire consequences on
the "network of trust"-concept, which is central to pgp.
Rupert
--
Rupert Kittinger