On Thu, 23 Feb 2017 20:56:28 -0500, "Patrick W. Gilmore" said: > According to the blog post, you can create two documents which have the same > hash, but you do not know what that hash is until the algorithm finishes. You > cannot create a document which matches a pre-existing hash, i.e. the one in > the > signed doc.
You missed the point. I generate *TWO* documents, with different terms but the same hash. I don't care if it matches anything else's hash, as long as these two documents have the same hash. I get you to sign the hash on the *ONE* document I present to you that is favorable to you. I then take your signature and transfer it to the *OTHER* document. No, I can't create a collision to a document you produced, or do anything to a document you already signed. But if I'm allowed to take it and make "minor formatting changes", or if I can just make sure I have the last turn in the back-and-forth negotiating... because the problem is if I can get you to sign a plaintext of my choosing....
pgpaKcy9lQzuO.pgp
Description: PGP signature
