Standard weakness: surreptitious forwarding

Johann Thomas
Thu Jun 6 20:31:02 2002

0. Source of information
I was pointed to this information by subscribers to the enigmail mailing 
list (

1. surreptitious forwarding means:
a recipient B may change a received message from sender A so that he can 
forward it to another recipient C leting C suppose he is the intended 

2. Short explanation for the weakness of sign than encrypt:
1st think of sign as the signing of a letter/paper written with a pen. 
The encrypting is the same as putting the letter in an envelope. B may 
change the envelope a send/forward the letter to C confuseing him/her.

3. Short explanation for the weakness of encrypt than sign:
B receives a letter with a signed envelope. He opens the envelope and 
puts another letter in it with a different message.

*Defective Sign & Encrypt in S/MIME, **PKCS#7, MOSS, PEM, PGP, and XML:*

Mailing list:

  Archive of ietf-openpgp, by date

Johann Thomas