sign and encrypt
David Shaw
dshaw at jabberwocky.com
Mon Jun 5 23:57:14 CEST 2006
On Mon, Jun 05, 2006 at 11:41:01PM +0200, mkontakt at gmail.com wrote:
> I have seen in the spec rfc3156 that a message should be signed and
> then encrypted, but hypothetically if send a message to someone I do
> not like and sign it and then encrypt it he/she can forward it to
> someone else pretending that the message was originally from my self.
> Is there anything I have missed in spec or in gnupg to forbid this?
This isn't a rfc3156 (PGP/MIME) or GPG issue. The recipient can
forward anything he likes and there is no way to prevent him.
If you want to make it not useful for him to forward, stick something
like "I sent this to so-and-so" in the signed message.
David
More information about the Gnupg-users
mailing list