secure sign & encrypt
Adrian 'Dagurashibanipal' von Bidder
avbidder at fortytwo.ch
Tue May 21 11:24:02 CEST 2002
On Fri, 2002-05-17 at 18:38, Robert J. Hansen wrote:
> Davis' `exploit' (in 1.1) basically boils down to this: if you can't trust
> the person you're talking to, then the person you're talking to can use
> your words in ways you don't like. Is that a problem? Sure. But it's a
> social problem, not a technological one. It demands social solutions, not
> different cryptographic standards.
Agreed that the exploit is not really technological. The programs do
exactly as told. From the senders point of view I agree fully to what
you say. BUT if somebody receives an encrypted message he will almost
always automatically assume secure end to end communication - which may
not be the case. The open question is basically if the user should be
educated that the software does not work the way they think (hard, I
think), or if the software should be modified to match the users
(reasonable, imho) expectations.
--
secure email with gpg avbidder at fortytwo.ch: key id
0x92082481
avbidder at acter.ch: key id
0x5E4B731F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020521/ebdca9e8/attachment.bin
More information about the Gnupg-devel
mailing list