What is the benefit of signing an encrypted email

David Shaw dshaw at jabberwocky.com
Wed Jan 12 17:27:29 CET 2011

On Jan 12, 2011, at 11:13 AM, Robert J. Hansen wrote:

>> More often "I have no confidence they keep their secret keys strictly under 
>> their control" might be the relevant objection.
> In my case, it's "I think these individuals are mentally unstable and violent," but yes.  :)
>>> Speaking for Enigmail, it's because 99% of the time signatures are
>>> worthless.  They contribute to the illusion of data integrity while
>>> actually providing no guarantees.
>> You mix up the absence of a guarantee with being worthless.
> Show me the worth in a signed message that has any of (a) an incorrect signature, (b) from an invalid key, or (c) from someone you believe is utterly untrustworthy.

With (c), you can then have some assurance that their untrustworthiness has been faithfully maintained in the message since it was signed... ;)


More information about the Gnupg-users mailing list