Slashdot Mirror

← Back to Stories (view on slashdot.org)

PGP Key Validity Attack

Posted by michael on Tuesday September 4, 2001 @04:34AM from the key-to-the-city dept.

Sieuwert van Otterloo writes: "I have discovered a new attack on PGP. It allows one to introduce an invalid key as valid in the network of trust. All information is on www.bluering.nl/pgp. Network Associates has confirmed the problem and made a patch. The attack is officially published in a talk at the university of Utrecht this afternoon, (4 september 15:00 CET)." Network Associates has a page up, and patches.

2 of 5 comments (clear)

Min score:

Reason:

Sort:

slashdot broken? by BumbaCLot · 2001-09-04 05:13 · Score: 0, Offtopic

no replies 1 hour later?
Re:PGP has a user interface? by Sarcasmooo! · 2001-09-04 12:36 · Score: 1, Offtopic

If I could get it to work, my PGP-freeware for windows would have a user interface. Unfortunately I'm a stoopids, and when I try to use the thingamajig to secure my network what'sit card I can't connect to my email server thingy. In other words this entire post is a cheap trick to get technical assistance.