“A Czech information security firm has found a flaw in
Pretty Good Privacy that permits digital signatures to be forged in
some situations.“
“Phil Zimmermann, the PGP inventor who’s now the director of the
OpenPGP Consortium, said on Wednesday that he and a Network
Associates (NETA) engineer verified that the vulnerability
exists.”
“ICZ, a Prague company with 450 employees, said that two of its
cryptologists unearthed a bug in the OpenPGP format that allows an
adversary who breaks into your computer to forge your e-mail
signature.”