Decrypt and Leave Signature?
ESP
evangelo@pigdog.org
23 Sep 2000 16:23:13 -0700
OK, so here's what I want to do: I want to take a message that is
signed by A and encrypted for B, and make it signed by A and encrypted
for C. In other words, the path is:
plain -> Encrypted for B, Signed by A -> Signed by A ->
Signed by A, Encrypted for C
All the steps here are pretty straightforward, EXCEPT for taking a
message that's encrypted for B, signed by A and making it just signed
by A. I can't figure out a way to decrypt a message and leave the
signature on the message.
My particular needs are for a re-encrypting mailing list software
package. Currently, the software (B) can decrypt A's (the poster's)
message, and verify A's signature, but then it resends the message
encrypted for C (all subscribers) with its own (B's) signature. It
makes more sense that C (subscribers) should be able to verify the
text of A's message with A's own key, rather than taking the
software's (B's) word for it.
(Since this process is for email, detached signatures aren't really
much of an option.)
There are other scenarios where you might want to decrypt a message
and leave the signature. For example, say that A and B have a
contract, signed by A and encrypted for B. If B wants to show that
contract to a court to prove that A signed it, it doesn't seem fair
that B should have to compromise his/her private key to do so.
Even something as prosaic as forwarding an encrypted email message
would be better served if the original signature could be left on.
So, can someone clue me in on how to make this happen?
~ESP
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ESP <evangelo@pigdog.org> | http://pigdog.org/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org