signing & encrypting
Frederic Gobry
frederic.gobry@smartdata.ch
Thu May 16 18:54:01 2002
--J/dobhs11T7y2rNN
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi,
> Other way around - when you encrypt and sign, you are doing
> encrypt(sign(data)).
=20
I remember having read somewhere a discussion about the semantic
difference between (encrypt . sign) and (sign . encrypt), which
explained that with e.s you cannot be sure who *sent* the encrypted
message (even if you know who wrote the signed one), whereas with s.e
you know who sent the encrypted message, but have no proof about the
original unencrypted text. Wouldn't it make sense to provide an option
to switch the order if one wants the second semantic ?
Fr=E9d=E9ric
--J/dobhs11T7y2rNN
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE84+RlFjQHpltE9KURAoWrAJwNm86qFMoY0mU3RWQHwica0rsAeACgi+zY
qR9zJWg74MdU9mman9ric4U=
=Sthv
-----END PGP SIGNATURE-----
--J/dobhs11T7y2rNN--