can you deny you sent a signed e-mail?

vedaal at hush.com vedaal at hush.com
Tue Apr 27 23:10:37 CEST 2004


>Message: 2
>Date: Tue, 27 Apr 2004 13:37:03 -0400
>From: "Jerry Windrel" <jerry.windrel at verizon.net>
>Subject: Re: can you deny you sent a signed e-mail?
>To: <gnupg-users at gnupg.org>
>Message-ID: <00c101c42c7e$413f1090$6401a8c0 at Windows>
>Content-Type: text/plain;	charset="iso-8859-1"

>If anyone can just
>revoke
>their key and claim a hacker break-in, then what good does it do
>to generate
>signatures to begin with?

it is more important for 'trust' than for 'legality'

if someone trusts you, and your ability to sign and encrypt, and safely
guard your key,
then he/she can can be reasonably certain that a message that verifies
with your signature, came from 'you', and not an mailicious impersonator



if someone 'doesn't' trust you,

then there is a 'notary' signature type
that is being worked on, 
that can be requested,
and can date and record a signature as being done at a certain time,
which would be hard to claim later that it was stolen/forged
if the signer admitted to using the key any time after the notarized
signature, before revoking it/reporting it stolen

(but who says that the 'notary' is trustworthy ... ?)


my grandmother used to say,
(back in the olden days when people were not in the habit of going to
lawyers):

"if you really know and trust someone,
you don't need the 'papers'
if you don't trust them,
the 'papers' will not help you ..."


vedaal





Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427



More information about the Gnupg-users mailing list