What is the benefit of signing an encrypted email
Paul Richard Ramer
free10pro at gmail.com
Wed Jan 12 11:28:29 CET 2011
On Wed, 12 Jan 2011 10:01:17 +0000, Nicholas Cole wrote:
> That thread is clearly right about the bulk of the paper, which is
> clearly an attack on the user of the crypto. Signing ambiguous
> messages is not a good idea! But what about the suggestion they made
> in section 1.2 about not signing crypt texts? Am I right that openpgp
> always encrypts signed text, rather than signing encrypted text, and
> so is not vulnerable at all?
Yes, OpenPGP encrypts signed text rather than signing encrypted text.
PGP Key ID: 0x3DB6D884
PGP Fingerprint: EBA7 88B3 6D98 2D4A E045 A9F7 C7C6 6ADF 3DB6 D884
More information about the Gnupg-users