Am Fr 03.01.2014, 04:28:38 schrieb Robert J. Hansen: > or that his proposed fix would work.
Would you explain how that shall be avoided? You send an email to me. You encrypt it to the key which I want you to encrypt it to. Then you sign the encrypted data. If I receive an email from you which is not encrypted and signed (as the outer layer) then I go on red alert. Like today I might if the message is not encrypted or not signed. How shall THEY create an encrypted-signed message if you have e.g. sent it without encryption? The adversary needs your signing key. Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/ http://userbase.kde.org/Concepts/OpenPGP_Help_Spread OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
