ietf-822
[Top] [All Lists]

Re[2]: Bug#40394: forwarding an encrypted PGP message is useless

2002-04-09 14:08:42

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --- Reply created Tuesday, 09 April 2002, 15:59:49 ---



- ------- Original Message --------
On Tuesday, 09 April 2002, 14:32, you wrote:

SJ> Then the original sender should not send the text to someone who
will
SJ> do that.

SJ> I don't see how the standard could prevent the user from doing
SJ> this. If it is prevented, then it is only the applications'
doing, so
SJ> it wouldn't be difficult to override it.  This isn't a technical
SJ> problem. Whenever you introduce encryption between two parties
you
SJ> have this issue.

SJ> Whether to re-encrypt or remove encryption is up to the user
SJ> forwarding the message.  What the defaults should be probably
depend
SJ> too much on the application to give any generic recomendation on.

SJ> Just my two cents.


- ------- End Original Message --------

Absolutely agreed.

Not a technical problem.

It is a problem of data released "to the wild" and what another party
may "do" with that data once released.

The allowable disposition of the data beyond the party of first
release should be specifically stated to prevent "missteps" by that
party.

And, if you are concerned that the data *not* be released beyond that
first party, perhaps you should consider either:
- - another method of release, or
- - your relationship with the party to whom you are releasing the
data,
or
- - don't release that data in the first place.

(Interesting how this seems to parallel the current debates on
copyright...)

- -----
Clinton E. Troutman
mailto:clinton(_dot_)e(_dot_)troutman(_at_)cetro(_dot_)fort-worth(_dot_)tx(_dot_)us
- -----
"You can tell the Mafia is running the cockfight if the duck wins." -
Anon.
ÀFÿ\?$%

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5i

iQA/AwUBPLNYPZlJBEe9GL9yEQJipQCgklKCtoYtpgpwKM7VZ1ynWP5IiecAoKY8
qPR93LgEEMtSRsma9VgWBwbr
=+Snr
-----END PGP SIGNATURE-----