sign encrypted emails
mailinglisten at hauke-laging.de
Fri Jan 3 10:50:35 CET 2014
Am Fr 03.01.2014, 01:13:13 schrieb Doug Barton:
> On 01/03/2014 12:59 AM, Hauke Laging wrote:
> | Do you agree that it is (or, depending on the content, can be) an
> | important information whether a message was encrypted by the sender
> | (and for which key)?
> Not particularly, no. The message doesn't get encrypted using the
> sender's key, although it may be encrypted to the sender's key, along
> with the recipient's.
That's not what I am talking about. I am talking about the recipient
having keys with different security levels. So there are keys I
(insecure) and S (secure). By insecure I mean a key like the one which
signs this email: Being used on a normal system (i.e. an insecure one;
oh no, in a moment Rob will notice that I used "secure" and "insecure"
If data is so important that it shall not be encrypted for my key I but
for my key S only then I want to be sure that it has been encrypted by
the sender for S. That the message which arrives at me is encrypted for
S does not ensure this. Anyone can encrypt messages for my key.
> What advantage does it give to the attacker to encrypt a message via
As I said: If a normal user (i.e. one with nearly no security clue at
all) starts an email conversation without encryption (or with weak
encryption) and I notice that (because the message arrives unchanged)
then I will tell the sender to change his behaviour. He will probably to
that and the communication becomes secure.
It is in the interest of an adversary to prevent the communication from
> The likely outcome of doing so would be to reveal that they are
> intercepting messages,
In my opinion it is very unlikely that this would be revealed. There are
people who like to get everything encrypted and those who prefer to get
only important data encrypted. Every serious adversary will know what
type his target is. This is more or less a public information.
So if somebody wants everything encrypted why should he ever ask or
mention that? It is possible, yes. "Thanks for encrypting your
messages." Who does that? And how many senders unfamiliar with crypto
would understand from that that their message has been modified? Maybe a
nice feature of their great ISP? Even worse with asking such a sender
whether he has used the right recipient key. Probably he will not even
understand the problem or misassess the situation.
And if the recipient expects only important data to be encrypted then
the adversary would encrypt only important data (which may be hard to
decide automatically though but who would notice a minute delay under
And why should the adversary not risk being detected? We encrypt because
we assume that there are adversaries.
> | How can it make little sense to provide this information?
> If the sender cares they can insert a statement in their signed
> message. "I did/did not encrypt this message before sending." Problem
Yes. But why should the sender care? The sender can be sure about doing
it right! The recipient is the one who cannot. And why should we bother
writing that in every mail if there is a simple automatic solution to
it? You cannot even be sure that the information is correct! People make
> My argument is that the _only_ thing relevant to message validity is
> the signature on the message itself.
I do not doubt that in any way but my argument isn't about validity at
all. It is about guaranteed confidentiality! That is a big difference.
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 572 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users