sign encrypted emails
Doug Barton
dougb at dougbarton.us
Mon Jan 6 01:41:11 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 01/05/2014 08:07 AM, Hauke Laging wrote:
| Am So 05.01.2014, 10:15:51 schrieb Robert J. Hansen:
|
|> >Your problem can be solved trivially by establishing a policy of,
|> >"Encrypted messages must contain a notification within the signed
|> >message body of who the message is encrypted for."
|
| That is neither trivial nor reliable nor the best approach to deliver
| this information.
It can be both trivial and reliable, simply place the following in your
.signature file:
I will not encrypt this message before sending.
On those occasions when you do encrypt, remove the word "not."
Now your (reasonable) objection is likely to be, "But what if the sender
forgets to remove the word 'not'?" Well in that case we're right back to
where we started, you cannot solve problems of bad operational practices
with technology. No matter how fool-proof you make the tech, the
universe will come along with a better fool.
Doug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
iQEcBAEBCAAGBQJSyfunAAoJEFzGhvEaGryEQR4H+gK3ZfMpugnnHMtiRclDsWID
isMMuTzal57Zze7R0QbJE6hc7AEXdefr8hMDLUbbKgNO6SUspd8Yu8LAjxBSJla+
HW1xAh49M3yBLYgyJtfZhJAE39Ttsmpcdg2A2X7Z1xBiPsZXH7fbJqXEpOhjM0z1
BuBLZUZ7/Ama6DzcRavEoa/jLymCeaCRGSp765Z70qWrF4ZnsfAdRGXPTyQAsgeH
OKRAzje5fUbLk5W4sbgiuJVJ9D7ORuvB3mUlimA1oqV6F3G+giTHR4eyzhzGiqsM
YpslkIzy06X8fFpiB00qigw9wjdrtQUqk8xG6iC6D7CIjXspmEnyvriIfUGS8xA=
=LjnW
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list