-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 FYI, your client has horrible line wrapping. If there is a setting, please change it to 72 columns.
On 01/03/2014 12:59 AM, Hauke Laging wrote: | Do you agree that it is (or, depending on the content, can be) an | important information whether a message was encrypted by the sender | (and for which key)? Not particularly, no. The message doesn't get encrypted using the sender's key, although it may be encrypted to the sender's key, along with the recipient's. What advantage does it give to the attacker to encrypt a message via MITM? The likely outcome of doing so would be to reveal that they are intercepting messages, for what benefit? That's a legitimate question, not a snark. You seem to be suggesting that this would provide value to the attacker, if so can you elaborate? | How can it make little sense to provide this information? If the sender cares they can insert a statement in their signed message. "I did/did not encrypt this message before sending." Problem solved. | Whether it is more important to encrypt a message or to sign it | differs a lot with the content. Thus I do not understand your | explanation of importance. My argument is that the _only_ thing relevant to message validity is the signature on the message itself. Whether it was encrypted or not should play no role in the recipient's calculation of the validity of the message. | This is similar to SSL/TLS without client negotiation: No, it's not at all. But I don't want to quibble about that, I'm still interested in your description of the importance of the encryption itself, separate from the message and signature. Doug -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) iQEcBAEBCAAGBQJSxn8pAAoJEFzGhvEaGryEulsH/2u1seI5K62Y0Aa5fKI3SRAD eBc8n62Se7sXw8rOXR+Qp5k191Upg1/Po2mkTSpgPjqc47yeAPaj4pHBAQIiAlgC 1iDdb4RveB3zZeJ4HpVgrRR5ap3S8w+SmnDdbul4evVcnuHnzP7zOFOZ5ZgIVnr8 Aoaei1jaaKal6p6qf5FDOA2c/Ni8pALZ8ZaUDNlDOLMpRS02uKZHUJwpx7eCDuKK wvvk6X7nicetiKdklDX31eoabGuhu0ret3BbAwq6EEXaAD6FnPIuhgHcvLZzz6Tj c0XuJD+UYK67p/rm4EdxUdr57rJ3Kr/hKdTjtBVy/l17LZZoXuROa8KSblwtr2U= =aqFY -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
