sign encrypted emails

Hauke Laging mailinglisten at hauke-laging.de
Fri Jan 3 10:57:43 CET 2014


Am Fr 03.01.2014, 04:28:38 schrieb Robert J. Hansen:

> or that his proposed fix would work.

Would you explain how that shall be avoided?

You send an email to me. You encrypt it to the key which I want you to 
encrypt it to. Then you sign the encrypted data.

If I receive an email from you which is not encrypted and signed (as the 
outer layer) then I go on red alert. Like today I might if the message 
is not encrypted or not signed.

How shall THEY create an encrypted-signed message if you have e.g. sent 
it without encryption? The adversary needs your signing key.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140103/af35d086/attachment-0001.sig>


More information about the Gnupg-users mailing list