[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Chosen-ciphertext attack on receiver anonymity

It seems from everyone's comments that there is a desire/need to complete this particular RFC, which makes sense.

I do think, however, that it would also make sense to eventually define an encryption standard that has "Key-Privacy" built in. I think the norm should be for the ciphertext not to reveal the receiver's identity. If an application wishes to do so they can always tag the ciphertext with the identity and an application that does not wish to do so is not forced to.

Anyway, if anyone has interest furthering this idea on a different venue let me know.


On Wed, 6 Jul 2005, Jon Callas wrote:

Right, that's what I feared.  Has anyone actually
implemented it *and* seen a benefit out in the field?

I think we should leave it the way it is.

Sorry. I want to put this RFC to bed, and that means we have to stop making tweaks.