[Top] [All Lists]

Re: Bug#40394: forwarding an encrypted PGP message is useless

2002-04-10 10:35:07

Hash: SHA1

On Wednesday 10 April 2002 18:10, ned(_dot_)freed(_at_)mrochek(_dot_)com wrote:
Nor is it clear that this is a "problem".    At least, there appear to be
more "problems" associated with mechanisms that do purport to control
what a recipient can do with a message than mechanisms that merely
provide protection against interception of a message in transit from
sender to recipient.

Exactly. This entire problem space has a character similar to that of copy
protection, digital rights management and all that. There are also lessons
to be learned from the Multics work on environments that try to support
multiple levels of secrecy and integrity simultaneously. (Some of the
stories told by the folks who worked on things like text editors for mixed
level data are particularly amusing.)
You can't win. And given how much this pisses off users, making them even
less receptive to following whatever rules they're supposed to be
following, you shouldn't even try.

Actually, we already knew this ;-)
Both camps here agree that you can't stop the receiver from sending the 
formerly encrypted message wherever she wants - in the clear.

Why I am sceptic about allowing forwarding formerly encrypted mails 
unencryptedly or after re-encryption is that - for me - forwarding shouldn't 
change the original message. If you want to change the message, reply to it 
and edit the recipients. If you forward, you actually want to annotate the 
original message with a few lines of notes, then send the stuff on the the 
recipient, much like sticking these yellow post-it strips to a folder and 
write "you do that!" on them before telling the secretary to carry it to the 
next room.


- -- 
Marc Mutz <mutz(_at_)kde(_dot_)org>
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see


<Prev in Thread] Current Thread [Next in Thread>