[Top] [All Lists]

Re: [openpgp] Intent to deprecate: Insecure primitives

2015-03-22 04:18:30
I am a curious onlooker with no operational affiliation to the business of this list (and normally silent), with an observation/question at this point in this thread:

Is it considered best practice now to encrypt, then sign? I think I heard somewhere that SSL/TLS does it the other-way-round and has thereby innocently created certain problems. GnuPG allows these operations to be combined on the command line, and then I don't know in what order they actually occur.

If you receive an encrypted and signed message, and best practice would be to, in reasonable time, decrypt from wire-format and re-encrypt to local format for PFS (which seems to me a really sound policy, given modern experiences, and might be just as easy as leaving it to your full-disk-encryption system where you store your mail), might you lose the ability to provably authenticate the messages in your archive? I can think of situations where one would not want to lose this ability (e.g. some sort of dispute or legal proceeding).

Perhaps if they get signed, then encrypted, this problem goes away. But then why /should/ one do these two operations in one order in the e-mail context, but perhaps the opposite order in others? (Perhaps I betray my ignorance at this point.)

openpgp mailing list

<Prev in Thread] Current Thread [Next in Thread>