ietf-openpgp
[Top] [All Lists]

re: forwarding an encrypted message

2002-04-09 13:39:49

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

- ----- Original Message ----- 
From: "Simon Josefsson" <simon+ietf-openpgp(_at_)josefsson(_dot_)org>
To: "Marc Mutz" <mutz(_at_)kde(_dot_)org>
Cc: <kmail(_at_)kde(_dot_)org>; <ietf-822(_at_)imc(_dot_)org>; 
<ietf-openpgp(_at_)imc(_dot_)org>
Sent: Tuesday, April 09, 2002 3:32 PM
Subject: Re: Bug#40394: forwarding an encrypted PGP message is useless



Marc Mutz <mutz(_at_)kde(_dot_)org> writes:

What if, in a mail user agent, the user wants to forward an encrypted
message? Allow it? Deny it?
Re-encrypt or remove encryption?

The problem is, of course, that the original sender might not like his
encrypted text being sent out in the clear again...

Then the original sender should not send the text to someone who will
do that.

I don't see how the standard could prevent the user from doing
this. If it is prevented, then it is only the applications' doing, so
it wouldn't be difficult to override it.  
...
a way to do it, would be to send the original encrypted message using the
throw- keyid switch,

any re-sending of the message would not be able to identify the original
sender,

moreover, the message could also be sent using the option of 'screen
viewing only' so that the plaintext could not be saved,
except tediously by saving a screen shot, or re-typing the message,
both of which can be 'denied' by the original sender, and can be proved by
the forwarder, only by having someone witness the decryption.

hth,

vedaal

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt   build 7      http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423  D9AE 02FD A711 97BA

iQEVAwUBPLNNBGoFoLeFMG0lAQNFHgf+OmEDLzkChGzImWKeTK7Ma7sojVqGxUtJ
pGCtwK/SEjhxeiX0p+6ejFalP0FTN0xUNMhJ+P+oOW20BEUiSJEGiYOPDnrhThyq
nmg+jC2vgjEzGjdOo/CQ56XUh6ATQ1RRi2U5eahwftpzLQSPgSVrut9H4bmYT5OL
7Hk2MNQj5K1+9IwgjSrajs1DWv0Pbfx7ytrAAB2tnvx+KW6Qb5xQN8qMotbEI744
7q91c8VjMgu4w/L3TlkFigx1d4TJO/ZkFYclTgD43PbiYL3OcYE380MlYXxaD/rm
2JHdyD3jewyhkx+BAxiwaj/po7S45MVeoX5Ke8v7jF//eEBh8qCARQ==
=AT2F
-----END PGP SIGNATURE-----



<Prev in Thread] Current Thread [Next in Thread>