I am a curious onlooker with no operational affiliation to the business
of this list (and normally silent), with an observation/question at this
point in this thread:

Is it considered best practice now to encrypt, then sign? I think I
heard somewhere that SSL/TLS does it the other-way-round and has thereby
innocently created certain problems. GnuPG allows these operations to be
combined on the command line, and then I don't know in what order they
actually occur.

If you receive an encrypted and signed message, and best practice would
be to, in reasonable time, decrypt from wire-format and re-encrypt to
local format for PFS (which seems to me a really sound policy, given
modern experiences, and might be just as easy as leaving it to your
full-disk-encryption system where you store your mail), might you lose
the ability to provably authenticate the messages in your archive? I can
think of situations where one would not want to lose this ability (e.g.
some sort of dispute or legal proceeding).

Perhaps if they get signed, then encrypted, this problem goes away. But
then why /should/ one do these two operations in one order in the e-mail
context, but perhaps the opposite order in others? (Perhaps I betray my
ignorance at this point.)
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp