On Fri, Nov 22, 2002 at 12:55:07AM +0100, Josselin Mouette wrote:
> What if the attacker can intercept the messages? He can prevent a
> message from being sent, and keep it for another day. Seeing your
> computer doesn't halt, you resend the message, and the attacker has 30
> days to use what he has stolen.
>
> A secure way to handle this would be a challenge/response
> authentication, or a system similar to SSH's one-time passwords.

No, I think it is an inherent problem with using E-Mail for such things.

As long as E-Mail is used, the possibility exists that the E-Mail will get delayed. If the E-Mail gets delayed, it is not possible to cancel it; it has already been sent. An E-Mail could go missing due to bad mail configuration, could get delayed due to a link going down, or deliberately (for example).

When the remote host does receive the E-Mail, it has no way of knowing if the submitter still wants it to be executed or not.

Maybe it might be possible to send a "cancel" or "revoke" message to the server, but presumably if the initial E-Mail got delayed, the cancel/revoke message would be delayed too.

--
Brian May <[EMAIL PROTECTED]>
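
The two positions in this exchange can be compared in a small simulation, added here as an illustration and not part of either poster's message. It contrasts a receiver that accepts any signed command inside the 30-day window with one that issues a single-use challenge, and shows that a withheld reply stays usable until a newer challenge replaces it. Assumptions: an HMAC with a constructed shared key stands in for whatever signature the real mail carries, and the class names and the "halt" command are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-shared-key"  # constructed sample key (assumption)
WINDOW = 30 * 86400              # the 30-day window mentioned in the thread

def sign(key, *parts):
    """HMAC over the fields; stands in for whatever signature the mail carries."""
    return hmac.new(key, "\x00".join(parts).encode(), hashlib.sha256).hexdigest()

class TimestampServer:
    """Accepts any validly signed command whose timestamp is inside WINDOW."""
    def __init__(self, key):
        self.key = key

    def accept(self, command, sent_at, tag, now):
        fresh = 0 <= now - sent_at <= WINDOW
        return fresh and hmac.compare_digest(tag, sign(self.key, command, str(sent_at)))

class ChallengeServer:
    """Keeps one outstanding single-use nonce; a new challenge replaces the old."""
    def __init__(self, key):
        self.key = key
        self.nonce = None

    def challenge(self):
        self.nonce = secrets.token_hex(16)
        return self.nonce

    def accept(self, command, nonce, tag):
        if self.nonce is None or not hmac.compare_digest(nonce, self.nonce):
            return False
        if not hmac.compare_digest(tag, sign(self.key, command, nonce)):
            return False
        self.nonce = None  # consume: the same response cannot be used twice
        return True

def held_message_demo(resend):
    """Return (timestamp scheme accepts late mail, challenge scheme accepts late mail)."""
    day = 86400
    late_ts = TimestampServer(KEY).accept("halt", 0, sign(KEY, "halt", "0"), now=10 * day)
    server = ChallengeServer(KEY)
    n1 = server.challenge()
    held = ("halt", n1, sign(KEY, "halt", n1))  # response withheld in transit
    if resend:  # sender notices nothing happened and starts a fresh exchange
        n2 = server.challenge()
        assert server.accept("halt", n2, sign(KEY, "halt", n2))
    return late_ts, server.accept(*held)
```

With `resend=False` the delayed reply is still accepted under both schemes, so a receiver of this kind also needs a short expiry on outstanding challenges.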

