secure sign & encrypt

[Adrian 'Dagurashibanipal' von Bidder]

On Wed, 2002-05-22 at 15:29, Robert J. Hansen wrote:
> > Why do locks exist, then? The existence of thieves is a purely

> > Currently, to get secure, authenticated end-to-end encryption with gpg,
> > the sender has to sign/encrypt/sign, which presently requires at least 2
> > gpg invocations, and the recipient has to manually verify that the inner
> > and the outer signature match. 
> 
> No: only for people whose threat models include a paranoiac distrust of
> their recipients have to worry about this.  My threat model doesn't
> incorporate that, and thus, I can get (just to be buzzword-compliant)
> "secure, authenticated end-to-end encryption with GPG" just by signing
> and encrypting.

signing and encrypting is a secure end-to-end channel from the *senders*
point of view. the problem is that for a potential *recipient* of an
encrypted & signed msg it is impossible to know much about the potential
prior recipient of the message (the one that encrypted and forwarded
it).

In other words, your threat model says that you do not only trust the
sender (signer) of a message, but you trust all people who may get
signed messages from that sender. (Or, alternatively, you as the
receiver of a confidential message do not care to know if it really was
sent encrypted or not.)

cheers
-- vbi


-- 
secure email with gpg            avbidder at fortytwo.ch: key id 0x92082481
                                 avbidder at acter.ch:    key id 0x5E4B731F

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020522/f900a81f/attachment.bin