On Thu, 2005-08-11 at 20:17 +0200, David Srbecky wrote: > Out of curiosity, is there any difference between > preference=sign,encrypt and preference=encrypt,sign ? I mean, does the > order matter? Can you both sign encrypted message and encrypt signed > message? (Where the later means that you can not verify signature until > you decrypt the message) * encrypt(sign(message)) The receiver is the only one being able to read it and knows it comes from you. * sign(encrypt(message)) This allows one to send a message, encrypted to another person, that person sees you send it, because of the signature, and that person can only read it, because of the crypt. Advantage here for privacy freaks: the receiver can never prove that the received message (cleartext) was sent by you. The person can only show the encrypted form, which doesn't tell a thing, unless that person shows in public that the person decrypts it, which nicely shows everybody that that person is telling some secret from you to the world. Of course if that person doesn't care about the latter then you are still stuffed, nothing to repudiate. * encrypt(sign(encrypt(message))) Like sign(encrypt) except that if somebody finds this thing that they can't figure out who the sender is, they can only identify the receiver. Greets, Jeroen
Attachment:
signature.asc
Description: This is a digitally signed message part