What is the benefit of signing an encrypted email

Paul Richard Ramer free10pro at gmail.com
Wed Jan 12 11:28:29 CET 2011

On Wed, 12 Jan 2011 10:01:17 +0000, Nicholas Cole wrote:
> That thread is clearly right about the bulk of the paper, which is
> clearly an attack on the user of the crypto.  Signing ambiguous
> messages is not a good idea!   But what about the suggestion they made
> in section 1.2 about not signing crypt texts?  Am I right that openpgp
> always encrypts signed text, rather than signing encrypted text, and
> so is not vulnerable at all?

Yes, OpenPGP encrypts signed text rather than signing encrypted text.


PGP Key ID: 0x3DB6D884
PGP Fingerprint: EBA7 88B3 6D98 2D4A E045  A9F7 C7C6 6ADF 3DB6 D884

More information about the Gnupg-users mailing list