[People, why can't you use a sensible mailer that produces In-Reply-To or
References headers?]
...
vedaal:
that did not reflect the intent of the sender, who would never think
of posting it unencrypted.

If you send sensitive content to somebody you can't trust to keep it secret,
there's no technical solution to solve that problem. Don't send that person
any sensitive content - encrypted or not.

If you S/E/S the message, you can still strip the outer signature and the
encryption and get a perfectly readable signed message. True, there could be
some indication that the inner signature was part of a S/E/S message - but in
the original case, the sender could put a notice 'this is a confidential
message and was sent encrypted' in the message text.

IIRC E/S/E had some other significant drawback, somebody will certainly point
it out here, but it would "solve" that particular problem. But I don't think
that it does achieve more than putting 'this is a confidential message' in
the signed body:

The recipient can publish the E/S/E message without the outer encryption
layer. Then he publishes the decrypted message and his public key. Everybody
can then generate the encrypted message and, with the signature, verify that
it is the same message. So this "solution" falls apart, too.

cheers
-- vbi
--
featured link: http://fortytwo.ch/gpg/subkeys