What is the benefit of signing an encrypted email

Hauke Laging mailinglisten at hauke-laging.de
Wed Jan 12 18:10:49 CET 2011

Am Mittwoch 12 Januar 2011 17:44:48 schrieb Daniel Kahn Gillmor:
> On 01/12/2011 11:39 AM, Hauke Laging wrote:
> > a) usual ("not thought about") email, just as a first hard line of
> > defense against forgery
> What do you think you would gain from a signature made by an individual
> if they did not think they were making it?

If only one person is capable of making a signature then it's not important 
whether he "thinks" he made it.

> How is this a "hard line of defense against forgery" ?

Let's take this email as an example. I write it on my PC which may be more 
secure than the average system but has all the weaknesses of a system which 
does all the daily work.

I mean: It is POSSIBLE to steal my secret key but it is not EASY. For normal 
email communication I regard this as enough. For signing treaties or other 
keys I use other keys (and a different environment).

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110112/63025708/attachment.pgp>

More information about the Gnupg-users mailing list