secure sign & encrypt

[Adrian 'Dagurashibanipal' von Bidder]

--=-sHn1TXuvzo0FFuYUJyVo
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2002-05-22 at 15:29, Robert J. Hansen wrote:
> > Why do locks exist, then? The existence of thieves is a purely

> > Currently, to get secure, authenticated end-to-end encryption with gpg,
> > the sender has to sign/encrypt/sign, which presently requires at least =
2
> > gpg invocations, and the recipient has to manually verify that the inne=
r
> > and the outer signature match.=20
>=20
> No: only for people whose threat models include a paranoiac distrust of
> their recipients have to worry about this.  My threat model doesn't
> incorporate that, and thus, I can get (just to be buzzword-compliant)
> "secure, authenticated end-to-end encryption with GPG" just by signing
> and encrypting.

signing and encrypting is a secure end-to-end channel from the *senders*
point of view. the problem is that for a potential *recipient* of an
encrypted & signed msg it is impossible to know much about the potential
prior recipient of the message (the one that encrypted and forwarded
it).

In other words, your threat model says that you do not only trust the
sender (signer) of a message, but you trust all people who may get
signed messages from that sender. (Or, alternatively, you as the
receiver of a confidential message do not care to know if it really was
sent encrypted or not.)

cheers
-- vbi


--=20
secure email with gpg            avbidder@fortytwo.ch: key id 0x92082481
                                 avbidder@acter.ch:    key id 0x5E4B731F


--=-sHn1TXuvzo0FFuYUJyVo
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQA867zowj49sl5Lcx8RAjSNAJsFMg98jQeZWlG9Fo+/rs4dmB2IBwCdGMaZ
fX7WLJlFukV4EQ+X8n0zWmA=
=Qtjy
-----END PGP SIGNATURE-----

--=-sHn1TXuvzo0FFuYUJyVo--