re: A brief comparison of email encryption protocols

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Previous message: Jueneman@gte.com: "V1 vs. V3 certificate usage"
• Maybe in reply to: Raph Levien: "A brief comparison of email encryption protocols"

Russ wrote....

I wonder why you would want to sign ciphertext generated by someone else?
This is especially "weird" if you do not have the key to decrypt the message.

Yes, I think that a statement saying that signature should be applied before
encryption is a very good idea.

Russ
> Well if you had a performance review where you had a section
> where you could encrypt comments about your supervisor, but you
> only wanted their supervisors and human resources to read it, your
> manager would sign that they he agreed with everything else and that
> you could be sure he did not modify the comments or know about them.
> Just a thought.

• Previous message: Jueneman@gte.com: "V1 vs. V3 certificate usage"
• Maybe in reply to: Raph Levien: "A brief comparison of email encryption protocols"