What is the benefit of signing an encrypted email

[Robert J. Hansen]

On 1/12/2011 11:24 AM, Daniel Kahn Gillmor wrote:
>  "look -- here is Mr. X claiming that he is going to poison the
> reservoir.  Please take this seriously, and note that it could only have
> come from Mr. X because it is signed with his key."

Mr. X has a conspirator, Ms. Y.  Mr. X deliberately avoids installing an
OS patch so that Ms. Y can pwn the box.  Now that you've made this
accusation against Mr. X, Mr. X reveals "hey, my box was cracked!  I've
been rooted and I've been sending out signed emails without my
knowledge!  How /dare/ you impugn me without having all the facts!"

Or, a less contrived example: imagine that Mr. X is a stockbroker.  He
conspires with Ms. Y to pwn the box.  You receive a signed message from
Mr. X saying, "I want to buy 1000 shares of Yoyodyne from you at
$10/share."  On the basis of this, you send him 1000 shares.  Yoyodyne
immediately tanks.  A week later Mr. X returns.  "Hi, I was off in Bali
on a beach sipping mai tais.  Anything interesting happen while I was
gone?  What the heck?  My box got pwn3d!  I didn't place that order!
Ack!  I'm so sorry about this.  Here, take your 1000 shares back, and
I'll take my $10,000 back."  (Of course, if Yoyodyne had gone up in
value, Mr. X would not have repudiated the signature.)

OpenPGP's nonrepudiability is largely a myth.  I have never seen it
tested in court.  Given the fragility of our computer systems and how
easily they're compromised, I think it's worthwhile to be very skeptical
of any analysis that's predicated on nonrepudiability.