[Fwd: Czech attack to PGP]
Ben Clifford
benc at hawaga.org.uk
Fri, 23 Mar 2001 13:24:24 +0000 (/etc/localtime)
> 4. Plod does not believe you, but he cannot prove it is not signature
> only. But he deperately needs your passphrase (for whatever reason).
> So he invites you to "demonstrate this is a signature key" by signing
> something with it.
Does signing something demonstrate that the key is a signature *only* key?
Getting you to sign something would allow them to check that it is the
same key that you have used to sign stuff with, but I don't see how that
proves that it is not an encryption key.
Ben