Am Mo 05.11.2012, 10:01:02 schrieb David Shaw: > Virtually always you *want* your signature to be encrypted.
Why? What critical information is exposed by the signature, assuming I do not forge the from address? > Why would you want something else? The virus-checking mail gateway may want to at least be sure about the sender (which does not assure it of the sending system being non-compromised and not evil). My personal reason is that I (in contrast to one well-known member of this list...) believe signatures to be the only solution against spam and do not want the filters be forced into the the mail client. This could be done by other means than the data signature though. I don't understand why PGP/MIME does not define a seperate signature for the relevant sender created headers (from, to, subject, date). That would protect the headers and allow filters to check the sender without exposing the data signature. Hauke -- ☺ PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
