
RE: secure sign & encrypt



Hi.

> > I see no other way than "encrypt, sign and encrypt" (ESE)
> > to achieve all cryptographic goals which seem important to me:

> The interesting thing is that there is nothing STOPPING an application
> from doing this today.  OpenPGP messages like the following are
> perfectly legal syntax, even in 2440:
> 
> ESK [...] Enc { PreSig ESK [...] Enc { Literal { Message } } PostSig }
> 
> Go ahead and implement this.  I'm fairly sure that most of the OpenPGP
> Parsers out there will Do The Right Thing with this (I'm 99% sure that
> PGP 6.5.x will do this, since I wrote that original parser code).

Of course. That's the main advantage of ESE: we can do it without
protocol changes - inserting a new button in the applications will
be enough.
In addition, ESE has the property John Callas repeatedly claimed
to be important, and which can't be achieved by simply adding
a copy of the header fields to the envelope:
it ensures that the receiver cannot forward a message
without destroying the signature or revealing that it was
originally sent to him for his eyes only.
Also, ESE can't be cheated by adding fake addresses to the envelope.

And the old SE remains available; if you like, the message can be
forwarded but therefore repudiated.

Best Regards
-- 
Dominikus Scherkl
dominikus.scherkl@xxxxxxxxxxxxxxx
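
The forwarding property claimed for ESE in the message above, as a symbolic model. This is an added example, not part of the original post: the parties alice, bob and carol and all function names are hypothetical, and encryption and signatures are modelled as tagged objects with no real cryptography.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Enc:                      # symbolic encryption: only `to` can open it
    to: str
    body: object

@dataclass(frozen=True)
class Sig:                      # symbolic signature by `by` over `body`
    by: str
    body: object

def open_as(who, pkt):
    """Remove one Enc layer; fails unless `who` is the addressee."""
    if not isinstance(pkt, Enc) or pkt.to != who:
        raise PermissionError(f"{who} cannot decrypt this packet")
    return pkt.body

def sign_encrypt(sender, rcpt, msg):            # classic SE
    return Enc(rcpt, Sig(sender, msg))

def ese(sender, rcpt, msg):                     # encrypt, sign, encrypt
    return Enc(rcpt, Sig(sender, Enc(rcpt, msg)))

def forward(holder, new_rcpt, pkt):
    """Strip the outer layer and re-encrypt the rest, signature kept intact."""
    return Enc(new_rcpt, open_as(holder, pkt))

def what_reader_learns(reader, pkt):
    """Open the outer layer and report what the signature proves to `reader`."""
    inner = open_as(reader, pkt)
    if not isinstance(inner, Sig):              # signature was destroyed
        return {"signed_by": None, "bound_to": None, "plaintext": inner}
    signed = inner.body
    if isinstance(signed, Enc):                 # ESE: signature covers ciphertext
        readable = signed.body if signed.to == reader else None
        return {"signed_by": inner.by, "bound_to": signed.to, "plaintext": readable}
    return {"signed_by": inner.by, "bound_to": None, "plaintext": signed}
```

With SE the forwarded packet verifies for carol with no trace of bob; with ESE the intact signature names bob as the addressee of the signed ciphertext, and the only way to hand carol readable text is to drop the signature.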