What is the benefit of signing an encrypted email
Hauke Laging
mailinglisten at hauke-laging.de
Wed Jan 12 18:10:49 CET 2011
Am Mittwoch 12 Januar 2011 17:44:48 schrieb Daniel Kahn Gillmor:
> On 01/12/2011 11:39 AM, Hauke Laging wrote:
> > a) usual ("not thought about") email, just as a first hard line of
> > defense against forgery
>
> What do you think you would gain from a signature made by an individual
> if they did not think they were making it?
If only one person is capable of making a signature then it's not important
whether he "thinks" he made it.
> How is this a "hard line of defense against forgery" ?
Let's take this email as an example. I write it on my PC which may be more
secure than the average system but has all the weaknesses of a system which
does all the daily work.
I mean: It is POSSIBLE to steal my secret key but it is not EASY. For normal
email communication I regard this as enough. For signing treaties or other
keys I use other keys (and a different environment).
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110112/63025708/attachment.pgp>
More information about the Gnupg-users
mailing list