What is the benefit of signing an encrypted email

jimbob palmer jimbobpalmer at gmail.com
Wed Jan 12 16:15:37 CET 2011


Hello,

2011/1/11 Martin Gollowitzer <gollo at fsfe.org>:
> Hi,
>
> * jimbob palmer <jimbobpalmer at gmail.com> [110111 12:05]:
>> In Firefox I can sign or encrypt or encrypt+sign an e-mail.
>>
>> In what case would I want my encrypted emails also signed? Does it
>> provide any additional benefit over a pure encrypted email?
>
> A digital signature is useful so the sender can check if that message
> was really sent by you. If it's only encrypted, there is no proof for
> that since everyone who knows the recipient's public key can encrypt
> messages for this particular person.

So encrypting an e-mail only provides a guarantee that the recipient
can read the message. It provides no guarantees about the sender.
Signing the message guarantees the sender.

Okay, I understand this. The question is, why on earth is the default
for encrypted email not to sign too (I'm talking about anything that
talks to gpg, like thunderbird). I suppose this might take me off
topic.

and would dkim be enough instead of signing the encrypted e-mails?

Thanks.

>
> All the best,
> Martin
>
> --
> The early worm is for the birds.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>



More information about the Gnupg-users mailing list