secure sign & encrypt

Adrian 'Dagurashibanipal' von Bidder avbidder at
Tue May 21 11:24:02 CEST 2002

On Fri, 2002-05-17 at 18:38, Robert J. Hansen wrote:

> Davis' `exploit' (in 1.1) basically boils down to this: if you can't trust 
> the person you're talking to, then the person you're talking to can use 
> your words in ways you don't like.  Is that a problem?  Sure.  But it's a 
> social problem, not a technological one.  It demands social solutions, not 
> different cryptographic standards.

Agreed that the exploit is not really technological. The programs do
exactly as told. From the senders point of view I agree fully to what
you say. BUT if somebody receives an encrypted message he will almost
always automatically assume secure end to end communication - which may
not be the case. The open question is basically if the user should be
educated that the software does not work the way they think (hard, I
think), or if the software should be modified to match the users
(reasonable, imho) expectations.

secure email with gpg                 avbidder at key id
                                      avbidder at    key id

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020521/ebdca9e8/attachment.bin

More information about the Gnupg-devel mailing list