sign and encrypt

mkontakt at mkontakt at
Tue Jun 6 14:09:36 CEST 2006

Yes, I meant this. I can thing of other solutions as s-e-s or
signing the header of email messages in separate mime part, but it would
consume cpu, as you would not be able to sign a message and simply
encrypt it n-times  with recipients keys. So the best way around this
problem is to educate users. 

Thanks for your comment 

On Mon, Jun 05, 2006 at 02:58:32PM -0700, Chris De Young wrote:
> mkontakt at wrote:
> > I have seen in the spec rfc3156 that a message should be signed and
> > then encrypted, but hypothetically if send a message to someone I do
> > not like and sign it and then encrypt it he/she can forward it to
> > someone else pretending that the message was originally from my self.
> I assume you mean forward the decrypted version, with the signature
> intact, since the encrypted version would only be readable by the
> intended recipient.
> Yes, this could happen, but it doesn't seem like a very big problem.
> The deception doesn't work if anything in the message itself indicates
> who the intended recipient is ("Hey Mike, [...]").
> Signing after encryption exposes more information about the message,
> which I think is the main reason it's discouraged.  The encrypted
> version is already tamper-proof, since any alteration will break the
> decryption.
> -C

> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

More information about the Gnupg-users mailing list