What is the benefit of signing an encrypted email
Ingo Klöcker
kloecker at kde.org
Tue Jan 18 21:09:52 CET 2011
On Tuesday 18 January 2011, Robert J. Hansen wrote:
> On 1/18/11 6:36 AM, Hauke Laging wrote:
> > This is not about convincing someone that a certain email has not
> > been written by me (as in your example) but to assure him that you
> > have written certain emails.
>
> A good signature from a validated key belonging to a trusted person
> can do this. But that's it.
Agreed. The question is what does it take for a key to be considered
validated and for a person to be trusted? In the end those decisions are
up to the receiver, but I think in certain scenarios (e.g. a mailing
list like this one) me signing all of my messages could result in me
building a certain reputation and consequently trust in me and messages
signed with my key. Of course, I could still be totally untrustworthy.
In the end, all you know for certain is that all of those messages that
were apparently sent by me were signed with the same key.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110118/bf0dbf2f/attachment.pgp>
More information about the Gnupg-users
mailing list