sign encrypted emails

Robert J. Hansen rjh at
Sun Jan 5 16:15:51 CET 2014

> I agree with Robert, you're trying to solve a social problem with a technical
> solution.

More to the point, he's solving the wrong problem and conflating policy
with mechanism.

GnuPG does not provide policy.  Policy is the responsibility of the
people using GnuPG.  All GnuPG provides is mechanism.

Your problem can be solved trivially by establishing a policy of,
"Encrypted messages must contain a notification within the signed
message body of who the message is encrypted for."

For many users this sort of policy is a good idea.  For the majority of
users it's overkill.  Why do you want a policy decision to be
permanently enshrined in GnuPG's mechanism?

More information about the Gnupg-users mailing list