Question regarding clearsigning emails automatically

Nils Ellmenreich Nils@infosun.fmi.uni-passau.de
Fri, 15 Dec 2000 08:40:15 +0100 (CET) 

Hi Ralph,


>>>"RA" == Ralph Angenendt <ra@letras.de> writes:


 RA> Nils Ellmenreich wrote:
 >> act of signing means something like "I have read/written the above. I
 >> agree with this. To certify this fact, I hereby sign it." That means:

 RA> OTOH signing all mails means: "If you ever come across a mail which
 RA> is supposed to be written by me, but is not signed, then please call
 RA> me to verify that I really sent this mail. It could as well be a
 RA> fake".

I think, the act of signing (whether email or anything else) is roughly
what I wrote above. The fact that you'd like people to get in touch with
you if they receive some unsigned stuff supposed to come from you -
that's just your personal addition (which may be sensible, but is
unrelated to the signing itself).

 RA> IMHO ideally all mails should be signed and all mails should be
 RA> encrypted. The latter normally fails, as most people are not able to
 RA> receive encrypted mails.

That's for sure. Encrypting only the important stuff is not a good idea.

But my point was not to say you shouldn't sign/encrypt all
mails. Whether or not doing that is a personal preference. What I am
opposing is *automatically* signing (i.e. without entering a passphrase)
all mails, as some people seem to do. That is about the same as having a
pile of blank stationary paper only with a signature, and using this
paper to write each letter. The signature becomes almost
meaningless. IIRC, the legal implication of "signing" is that someone
had to take his time and, while being fully aware of the consequences,
"signed" a document to tell others it's genuine. If this deliberate act
is missing (because it's being done automatically) - what does a signed
mail tell you? That someone used the account of John Doe's computer to
write a mail with his mail client who automatically signs all mails as
John Doe. And that almost meaningless ... ;-)

Cheers, Nils
-- 
Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org