Pros and cons of PGP/MIME for outgoing e-mail?

Peter Lebbing peter at
Wed Nov 26 20:15:51 CET 2014

> My proposal doesn't have this problem. I want the manifest to summarize the
> entire content of the message, including sha256 (or whatever is considered
> good) fingerprints of each part.

1) What does a checksum add beyond the OpenPGP Modification Detection Code (MDC)?

2) Why doesn't an attacker replace the checksum?

Anyway, if you really care about your recipient getting what you sent, you
should simply sign, IMHO, due to 2).


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list