secure sign & encrypt
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Thu May 23 11:19:01 2002
--=-+TYm2zHn2izZGRW4c328
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Wed, 2002-05-22 at 18:55, Robert J. Hansen wrote:
> > In other words, your threat model says that you do not only trust the
> > sender (signer) of a message, but you trust all people who may get
> > signed messages from that sender. (Or, alternatively, you as the
>=20
> <testy>
> No. Please don't make assumptions about my threat model, especially ones=
=20
> which are subtly and seriously wrong.
> </testy>
I'm sorry if I misunderstand you here. Let me ask you, then:
You receive an encrypted + signed message. What do you know now?
You trust the signature. Do you trust that nobody has read the message
in passing?
cheers
-- vbi
--=20
secure email with gpg avbidder@fortytwo.ch: key id 0x92082481
avbidder@acter.ch: key id 0x5E4B731F
--=-+TYm2zHn2izZGRW4c328
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA87LRQwj49sl5Lcx8RAomUAJwLd+arZwf1fAY2/+IaxgG43CwUhACfcphN
uL9roi4q9vJvLQ3elBRy7Jw=
=XF8q
-----END PGP SIGNATURE-----
--=-+TYm2zHn2izZGRW4c328--