Is the signature encrypted

David Shaw dshaw at jabberwocky.com
Mon Nov 5 16:59:45 CET 2012


On Nov 5, 2012, at 10:29 AM, Hauke Laging <mailinglisten at hauke-laging.de> wrote:

> On Mon 05.11.2012, 10:01:02, David Shaw wrote:
> 
>> Virtually always you *want* your signature to be encrypted.
> 
> Why? What critical information is exposed by the signature, assuming I do not 
> forge the from address?

The fact that it is signed at all, and who signed it.  But again, you're not forced into this way.

>> Why would you want something else?
> 
> The virus-checking mail gateway may want to at least be sure about the sender 
> (which does not assure it of the sending system being non-compromised and not 
> evil).
> 
> My personal reason is that I (in contrast to one well-known member of this 
> list...) believe signatures to be the only solution against spam and do not 
> want the filters to be forced into the mail client. This could be done by 
> other means than the data signature though. I don't understand why PGP/MIME 
> does not define a separate signature for the relevant sender-created headers 
> (from, to, subject, date). That would protect the headers and allow filters to 
> check the sender without exposing the data signature.

As far as I recall, PGP/MIME (speaking strictly for the standard and not any particular implementation) can do this just fine.  Forgive me if my memory fails, but you should be able to do this by creating the message complete, with all of the headers you want to protect, and including it whole as an attachment (i.e. message/rfc822) to a signed message.  The outer message headers are the ones that the MTAs use to get the message to you.  The inner ones are tamper-proof. You just need to check the inner signature and then compare the inner and outer headers to verify.

Now, I'll be the first to say that I don't know of any clients that actually do this, but barring the aforementioned memory, the spec allows for it just fine.  That said, given what havoc email gateways can wreak on the outer headers, I think you might get a bunch of failures matching the outer and inner headers.

David
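
The inner/outer header comparison described in this message, as an added example that is not part of the original post or of any mail client's code. It assumes the PGP/MIME signature over the first part has already been verified separately (for instance with gpg); the names `canon` and `compare_headers`, the normalisation rules and the sample message are all constructed for illustration.

```python
import email
from email import policy
from email.utils import getaddresses, parsedate_to_datetime

PROTECTED = ("From", "To", "Subject", "Date")  # headers named in the thread
# Constructed sample; the signature part is a placeholder and is never verified here.
SAMPLE = b"""\
From: Alice Example <ALICE@example.org>
To: bob@example.net
Subject: [list]  Quarterly report
Date: Mon, 05 Nov 2012 15:00:00 +0000
Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="b1"

--b1
Content-Type: message/rfc822

From: alice@example.org
To: bob@example.net
Subject: Quarterly report
Date: Mon, 05 Nov 2012 16:00:00 +0100

Body text.
--b1
Content-Type: application/pgp-signature

(constructed placeholder, not a real signature)
--b1--
"""

def canon(name, value):
    """Normalise a header so harmless gateway rewrites are not reported (assumed rules)."""
    if value is None:
        return None
    if name in ("From", "To"):  # addresses only: ignore case and display names
        return sorted(addr.lower() for _, addr in getaddresses([str(value)]))
    if name == "Date":          # same instant, whatever the time-zone spelling
        return parsedate_to_datetime(str(value))
    return " ".join(str(value).split())

def compare_headers(raw):
    """Return {header: (outer, inner)} for protected headers that still differ."""
    outer = email.message_from_bytes(raw, policy=policy.default)
    if outer.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    signed = outer.get_payload()[0]  # first part is the signed content
    if signed.get_content_type() != "message/rfc822":
        raise ValueError("signed part is not message/rfc822")
    inner = signed.get_payload()[0]  # the wrapped message with protected headers
    return {h: (str(outer[h]), str(inner[h])) for h in PROTECTED
            if canon(h, outer[h]) != canon(h, inner[h])}
```

On the sample, only `Subject` is reported, because the outer copy carries a gateway-added list tag; the differing address case and time-zone form are normalised away.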



