[Top] [All Lists]

Re: Bug#40394: forwarding an encrypted PGP message is useless

2002-04-10 12:54:17

From: John Dlugosz

Here's another way to make sure that someone doesn't strip away the
encryption envelope but leave the signature and forward the signed
document:  By analogy with the "Dear Sue" content to prevent authenticated
message re-use, you can do this on the application level.

Include in the signed text a statement that the intended recipient still
wants to keep secret.  now he will have to excerpt the main message of
interest (and lose your signature) or act against his own interest, which
may be different from the interest context of the main message.