On Tue, Nov 01, 2011 at 02:04:31AM -0500, John A. Wallace wrote:
> Hello. I was reading this page,
> http://www.gnupg.org/faq/GnuPG-FAQ.html#cant-we-have-a-gpg-library , and I
> found this comment near the end of it in the section entitled "How does this
> whole thing work?": "There is a small security glitch in the OpenPGP (and
> therefore GnuPG) system; to avoid this you should always sign and encrypt a
> message instead of only encrypting it." If this is still applicable, would
> you explain what the small glitch is? Are there any other small glitches
> explained elsewhere, which I may not have noticed? There is a lot of
> documentation, and I am hoping to absorb it as much as I can. Thanks.

The "glitch" is exactly as described: you should always sign and encrypt a message instead of only encrypting it.

I could send you malicious encrypted content, and masquerade as someone else behind a different email address, maybe someone with a good reputation for security in the OpenPGP community. Without signing the message, and only encrypting it to your public key, you have no way to verify who really sent you the message.

Now switch sides. Suppose you're sending an encrypted mail to a colleague. You're encrypting it for his eyes only. If you don't sign the message, he may or may not choose to decrypt it. If you sign the encrypted mail, then he can verify the signature, see if he trusts that key, and make a more meaningful decision.

The "glitch" is that for security AND trust, messages must be both encrypted and signed.

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
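
A recipient-side check for the distinction described in the reply above, as an added example that is not part of the original message: it reads the machine-readable status lines GnuPG writes with `--status-fd` during decryption and reports whether the message was only encrypted or also carried a valid signature from a trusted key. The function name, the category labels and the sample status text (including the placeholder fingerprint) are constructed for illustration.

```python
"""Classify a decrypted OpenPGP message from GnuPG --status-fd output."""

STATUS_PREFIX = "[GNUPG:] "
TRUSTED = {"TRUST_FULLY", "TRUST_ULTIMATE"}
FAILED_SIG = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}

# Constructed sample status output; the fingerprint is a placeholder.
FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
ENCRYPTED_ONLY = """[GNUPG:] ENC_TO 1122334455667788 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION"""
SIGNED = ENCRYPTED_ONLY + """
[GNUPG:] GOODSIG 89ABCDEF01234567 Alice Example <alice@example.org>
[GNUPG:] VALIDSIG %s 2011-11-01 1320130000 0 4 0 1 8 00 %s
[GNUPG:] TRUST_FULLY""" % (FPR, FPR)
SIGNED_UNKNOWN_KEY = SIGNED.replace("TRUST_FULLY", "TRUST_UNDEFINED")
TAMPERED = ENCRYPTED_ONLY + """
[GNUPG:] BADSIG 89ABCDEF01234567 Alice Example <alice@example.org>"""


def classify(status_text):
    """Return (category, signer_fingerprint_or_None) for one message."""
    decrypted = failed = False
    signer = trust = None
    for line in status_text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue  # ignore anything that is not a status line
        fields = line[len(STATUS_PREFIX):].split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "DECRYPTION_OKAY":
            decrypted = True
        elif keyword == "VALIDSIG" and args:
            signer = args[0]  # fingerprint of the key that made the signature
        elif keyword in FAILED_SIG:
            failed = True
        elif keyword.startswith("TRUST_"):
            trust = keyword
    if not decrypted:
        return ("not-decrypted", None)
    if failed:
        return ("bad-signature", None)
    if signer is None:
        # Decrypts fine, but nothing proves who wrote it.
        return ("encrypted-only", None)
    return ("signed-trusted" if trust in TRUSTED else "signed-untrusted", signer)
```

The `From:` header never enters the decision: only the signature status and the trust assigned to the signing key do.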