sign and encrypt

David Shaw dshaw at
Mon Jun 5 23:57:14 CEST 2006

On Mon, Jun 05, 2006 at 11:41:01PM +0200, mkontakt at wrote:
> I have seen in the spec rfc3156 that a message should be signed and
> then encrypted, but hypothetically if send a message to someone I do
> not like and sign it and then encrypt it he/she can forward it to
> someone else pretending that the message was originally from my self.
> Is there anything I have missed in spec or in gnupg to forbid this?

This isn't a rfc3156 (PGP/MIME) or GPG issue.  The recipient can
forward anything he likes and there is no way to prevent him.

If you want to make it not useful for him to forward, stick something
like "I sent this to so-and-so" in the signed message.


More information about the Gnupg-users mailing list