encryption information in a signature
Hauke Laging
mailinglisten at hauke-laging.de
Wed May 14 09:55:19 CEST 2014
Hello,
I would like to suggest a probably easier alternative to my proposal
"sign encrypted emails":
http://lists.gnupg.org/pipermail/gnupg-users/2014-January/048681.html
The purpose is that the recipient can be sure that the message has left
the sending system encrypted (and: encrypted for a certain key) – as it
is easily possible for a MitM to encrypt an unencrypted message without
being noticed, deluding the recipient about the confidentiality of the
message.
Nearly the same effect as that by my former suggestion may be reached by
defining a notation which says: "This message is sent encrypted only. It
will be encrypted for this key / these keys: ..." There is no reason not
to trust the sending system about that.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140514/f0209c66/attachment.sig>
More information about the Gnupg-users
mailing list