secure sign & encrypt

Jukka Holappa jukkaho at
Thu May 23 12:58:01 CEST 2002

Adrian 'Dagurashibanipal' von Bidder wrote:
| On Wed, 2002-05-22 at 18:55, Robert J. Hansen wrote:
|>>In other words, your threat model says that you do not only trust the
|>>sender (signer) of a message, but you trust all people who may get
|>>signed messages from that sender. (Or, alternatively, you as the
|>No.  Please don't make assumptions about my threat model, especially ones
|>which are subtly and seriously wrong.
| I'm sorry if I misunderstand you here. Let me ask you, then:
| You receive an encrypted + signed message. What do you know now?
| You trust the signature. Do you trust that nobody has read the message
| in passing?

I'm sorry to get in the middle of this, but you really can't know that
with all the signatures you put in it.

Maybe someone read the message over the shoulder before it was
signed+encrypted(+signed) or whatever.

You just have to trust a person to encrypt before anyone sees the
message. If he/she fails to do this, there's no secret message in it any

- Jukka


More information about the Gnupg-devel mailing list