encryption information in a signature

Hauke Laging mailinglisten at hauke-laging.de
Wed May 14 09:55:19 CEST 2014


Hello,

I would like to suggest a probably easier alternative to my proposal 
"sign encrypted emails":

http://lists.gnupg.org/pipermail/gnupg-users/2014-January/048681.html

The purpose is that the recipient can be sure that the message has left 
the sending system encrypted (and: encrypted for a certain key) – as it 
is easily possible for a MitM to encrypt an unencrypted message without 
being noticed, deluding the recipient about the confidentiality of the 
message.

Nearly the same effect as that by my former suggestion may be reached by 
defining a notation which says: "This message is sent encrypted only. It 
will be encrypted for this key / these keys: ..." There is no reason not 
to trust the sending system about that.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140514/f0209c66/attachment.sig>


More information about the Gnupg-users mailing list