signing & encrypting

Aurelio Turco
Fri May 17 13:31:01 2002

Werner Koch wrote:
> The problem with S(E(m)) is that it reveals information about the
> sender/signer whereas E(S(m)) does only tell you who is the recipient

Please forgive my ignorance in the matter, but,
if E(m) is vulnerable to tampering, why isnt E(S(m))?

I understand why S(E(m)) isnt, but with E(S(m)),
it is not obvious to me at all.

Any help would be much appreciated.