sign encrypted emails

[Doug Barton]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01/02/2014 09:35 PM, Hauke Laging wrote:
| I just noticed that you can easily be deluded about an email being
| encrypted: That you receive an encrypted mail does not mean that it
| was sent encrypted. An adversary may encrypt a non-encrypted message
| (which he has intercepted) in order to create more trust in the
| message for the recipient: If you receive critical information and
| are aware that it has not been encrypted then you may react
| differently from the case where you are sure that is was encrypted.

This threat model doesn't make a lot of sense, except for very naive
users who cannot distinguish the importance of a message that is
encrypted vs. a message (encrypted or not) which is signed. If the user
is not sophisticated enough to place the proper importance on a
signature for the message itself; they are rather unlikely to care about
signatures inside and outside the encryption.

| Or similar: A message is encrypted to a low security key which has
| been compromised (unnoticed by the recipient). The adversary decrypts
| the message ans reencrypts it to a more secure key.

This threat model makes no sense at all. It is the recipient's key that
the message is encrypted TO. And again, the recipient should be
verifying the signature on the message itself, and placing the proper
importance on that.

Have I missed some otherwise hidden value to your proposal?

Doug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)

iQEcBAEBCAAGBQJSxnXvAAoJEFzGhvEaGryEfGwH+gLr5xm6sV1l067eiyo1p2JI
2e8YYhr8DZL4+cju29nMnlf657rmHmDgqzAQhQMK1TadnVAEi/xubjximK76NHpS
5RWkW6arDvq9pYMHHHDMihpvgJdwPYDg5XJ3ZoCmjYHAjOHY+2fqW1QxxxcmloHT
shSTtV/N2ZwGRTg3sKyQ6K6Bp8be45la7iiUXy/qwZTa86a3/A9t3FoxYxpqlq31
jLmofWYw0O+MxnNHWO6YuDOpjqDvdIkcwbQ/0P+48uYxCrzBj/vwj1dR5q4pclJD
UtC3TNrQdEgOLmQZAYvOAN+z5brKXVIBBA1ckxf5TGP0kDNo0AOV+OyH9Ljo0Nw=
=wBkw
-----END PGP SIGNATURE-----