secure sign & encrypt

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Fri May 24 09:33:02 2002 

--=-jdknF5oRudFIcEcv2yDr
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2002-05-23 at 16:29, Robert J. Hansen wrote:
> > In the end it all boils down that people (or, at least I) automatically
> > put different meanings to a message, depending on the source of the
>=20
[...]

> proposed fix does not fix the protocol--the protocol's not broken--it jus=
t=20
> makes the protocol come into line with how you think the protocol Ought T=
o=20
> Be.

Agree with you here - and I feel that to many users not willing to study
the protocol in dephth 'my' variant of the protocol is closer to what
people expect if they use a crypto solution.

Jukka:
> Perhaps signatures would work better.. that they contain information
> to who that particular message was sent. Perhaps the message itself ;)

I thought about the 'intended recipient' thing, analogous to my
'inteneded encryption key', but for non-encrypted messages. Clearly this
cannot be solved by gpg - how should it know the destination of the
message? However, MUAs could copy the To: header (and Subject:, too?)
into the signed area of the mail (MIME-Headers?), and use these infos
when displaying signed mail. (But as there are many more MUAs than
OpenPGP implementations, this proposal has an even smaller chance of
ever getting implemented)


As all points have probably been made (repeatedly - yes, I'm the guilty
here) it's probably ok if this is EOT here before the discussion becomes
endless (or we could always move over to de.alt.gruppenkasper).


cheers & HAND
-- vbi


--=20
secure email with gpg            avbidder@fortytwo.ch: key id 0x92082481
                                 avbidder@acter.ch:    key id 0x5E4B731F


--=-jdknF5oRudFIcEcv2yDr
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQA87ezewj49sl5Lcx8RAk5uAJ9GuA/n9G7N4WA88e+5PFOEQDgOxQCdH1kt
koDk6bA8CU53j+Fe3Fg98CI=
=DnRn
-----END PGP SIGNATURE-----

--=-jdknF5oRudFIcEcv2yDr--