Signing vs. encrypting was: Cipher v public key.
Andreas Martin
ama at inmedias.it
Wed May 31 11:31:14 CEST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Laurent Jumet schrieb:
> When sending a message like this one, signed, compressed but not
crypted,
> is there anything that goes bad, in security terms?
> This is to avoid problems with line lenghth and charsets through internet
>
In security terms, lots of things can go bad when sending anything
through the internet ;-)
Encrypting protects against unauthorised reading of the plaintext, but
not from manipulating the encrypted data. Signing protects against
manipulation of the data, but not against unauthorised reading of the
plaintext. (In fact it does not avoid the manipulation itself, but you
are able to detect, that the data has been manipulated).
Signing and encrypting are two totally different things (not to mention
compressing). So if you want "save" transmissions you have to do both,
signing and encrypting!
Problems with line length and charset shouldn't occur during the
transmission of your mails, because Mail Transport Agents don't take
care of the mailbody (and the headers are not signed or encrypted). What
exactly do you want?
Regards
Andreas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iQCVAwUBRH1iX+f8mJnBT5ROAQJkTQP/YxiOftW6mNv2DntzOQp0KxACJmzW00Xu
cqLQcaW9AKhGpovrwMIWfz0GoIa8wtPP4EEn6nKWpJ6qZo3ossmcVCuJo76nvIpO
BH2Cx/p0w66rrB0tc9Qqx8nLIz9rNQJgRcN9z+PRaHihB75ulkHCQIACWnyeeQB2
9bWwUcB9Xmc=
=0cYA
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list