sign encrypted emails
ekleog at gmail.com
Sat Jan 4 16:09:51 CET 2014
On Fri, Jan 03, 2014 at 07:31:29PM -0500, Daniel Kahn Gillmor wrote:
> On 01/03/2014 06:56 PM, Leo Gaspard wrote:
> > On Fri, Jan 03, 2014 at 12:50:47PM -0500, Daniel Kahn Gillmor wrote:
> >> On 01/03/2014 08:12 AM, Leo Gaspard wrote:
> >>> So changing the encryption could break an opsec.
> >> If someone's opsec is based on the question of whether a message was
> >> encrypted or not, then they've probably got their cart before their
> >> horse too.
> >> opsec requirements should indicate whether you encrypt, not the other
> >> way around.
> > Well... So, where is the flow in my example? This example was designed so that,
> > depending on the level of encryption (and so the "importance" of the safety of
> > the message according to the sender), the message had different meanings.
> As you've noticed, the sender cannot verifiably communicate their intent
> by their choice of encryption key. If the sender wants to communicate
> their intent in a way that the recipient can verify it, they'll need to
> sign something.
> In your example, the fact that a message was encrypted makes the
> recipient treat it as though the sender had indicated something specific
> about the message because it was encrypted. This is bad policy, since
> there is no indication that the sender encrypted the message themselves,
> or even knew that the message was encrypted.
Which is exactly the reason for which Hauke proposed to sign the encrypted
message in addition to signing the cleartext message, is it not?
Sure, there might be other ways: add a message stating to which key the message
is encrypted, etc. But this one has the advantage of requiring AFAICT no
alteration to the standard, and of being easily automated, for humans are quite
poor at remembering to always state to which key they encrypt.
Anyway, wouldn't you react differently depending on whether a message was
encrypted to your offline key or unencrypted?
More information about the Gnupg-users