Black Unicorn writes:
Take the example of a brokerage which needs to incontrovertibly prove a
client (or a client's key) ordered a given transaction. How will the above
help? Clearly, it won't. The bottom line is that in the mad rush to
implement "one pass" functionality PGP dropped the ball by killing this very
important functionality.
An enterprise cannot now archive mail which can later be searched by keyword
in the message body and still be verifiable ex post with respect to origin
and message integrity.
Big mistake.
I wonder (doubt) if it will ever be fixed.
As far as I can see, the OpenPGP data structures are entirely adequate for
this application. If there are deficiencies in the OpenPGP specification
necessary for this functionality then we can discuss them. High level
product functionality is not really relevant to this forum.
Hal Finney
NAI, Inc.