At 05:42 PM 7/25/98 , Hal Finney wrote:
Bob could require/request his customers to prepare their messages in
two passes, the first one to clearsign them and the second one to
encrypt them. Then when he processed the messages he could decrypt
and leave a clearsigned message, on which the signature could be
checked but the message left in clearsigned form.
This was the option I referred to when I said "without much nonsense on the
senders side."
Bob's clients would be annoyed and there would be constant non-compliance
and customer service strife.
We at NetAss
Please tell me this abbreviation was intentional.
have considered changing the default behavior of the
encrypt-and-sign option to behave in this manner (clearsign then encrypt).
Continue considering it, please?
Unfortunately, messages prepared in this way require users with current
client software to manually run two passes to decrypt and verify.
The need for backwards compatibility has prevented us from going forward
with this scheme.
We have had some discussion on OpenPGP of a flag, perhaps in the literal
packet, which would indicate that messages are in this form. Perhaps a
future version will have a clean way of doing this.
I do hope so. If Network Associates is trying to sell these services in
enterprise, and anticipates, as I think they have, a need for archiving and
corporate access as well as anti-repudiation features, it would seem this
is a major issue that has to be addressed.