On 29/11/2016 04:25, Peter Gutmann wrote:
> Vincent Breitmoser <look@my.amazin.horse> writes:
>
>> In some more detail:
>> https://k9mail.github.io/2016/11/24/OpenPGP-Considerations-Part-I.html
>> [...] Signed-Only Mails are Useless [...]
>
> Yup, and it's for exactly the reasons given there that the S/MIME WG decided
> many years ago not to sign messages sent to the list. Courts, similarly, rule
> on the intent of the signer, not some attached bag of bits (see e.g. Steven
> Mason's excellent "Electronic Signatures in Law"). So while I wouldn't go so
> far as to call them harmful, I'd agree that they're mostly useless, unless
> you're using one to make some special point.

Which gets more to the point - the problem with digital signatures is
that they mean different things to different people. Just the crypto
alone cannot solve that problem. What is needed is a framework that
states the meaning of the signature in human terms in a clear way.
This hasn't really been done to my knowledge. CAs like CAcert have gone
a long way towards establishing one meaning of a signature. But the
"one meaning" thing has also been insufficient; we really need many
meanings, and that needs more work.

Bringing it back to the topic, what we are really saying is that
"signed-only mails will be useless without some context" and in the
contrary where emails are signed and encrypted, we are actually
providing some context by implication: the signature is for
authentication of the mail sender / key, which is a security statement
not a legal statement, as is stressed by the inclusion of encryption;...
and therefore we can presume that the signature is not for legal
purposes. Note that it's still a presumption based on custom not statement.

To put that another way around - when we just do signed emails, are we
doing an authentication (security) statement or are we intending a legal
(signing) statement? It's not clear. We might be clearer by saying
that plaintext sigs are more legal and binary ones are more
authentication, but that's not backed up by any custom or anything.

> Even then, if it's for legal
> purposes, a court will look at almost everything but the signature when
> deciding on its effect.

Right, and now we have the problem that a digsig probably is a lousy
legal signature anyway, if used without any context. But does that make
it not a legal signature? No.

The closer statement might be: "signatures don't make their purpose
clear, and therefore they are often so confusing as to be useless."

iang

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
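The thread's point that a bare signature is "an attached bag of bits" whose purpose is supplied by the reader, not by the signer, can be made concrete. The following Go program is an added example and is not code from the mailing list, from OpenPGP, or from any implementation discussed above; it uses Ed25519 from the Go standard library rather than OpenPGP packets, and the purpose labels, the fixed demo seed, and the sample message are all constructed for illustration. It contrasts a signature over the message alone (which verifies no matter what purpose the verifier assumes) with a signature over an envelope that binds an explicit purpose statement to the message, so that reading the same signature as consent to something else fails verification.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)

// Purpose labels a signer might want to bind to a signature. These strings are
// constructed for this example; they are not an OpenPGP or S/MIME field.
const (
	PurposeAuth  = "authentication-only" // "this mail really came from this key"
	PurposeLegal = "legal-consent"       // "I agree to what this mail says"
)

// demoSeed is a fixed, constructed 32-byte seed so the example is deterministic.
// A real deployment would never use a hard-coded seed.
var demoSeed = []byte("openpgp-list-example-seed-32byte")

// DemoKeys derives the example key pair from the fixed seed (hypothetical helper).
func DemoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(demoSeed)
	return priv.Public().(ed25519.PublicKey), priv
}

// SignBare signs only the message bytes: the "attached bag of bits" of the thread.
func SignBare(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

// VerifyBare checks a bare signature. assumedPurpose is deliberately unused:
// nothing in the signed data can confirm or refute whatever the reader assumes.
func VerifyBare(pub ed25519.PublicKey, msg []byte, assumedPurpose string, sig []byte) bool {
	_ = assumedPurpose
	return ed25519.Verify(pub, msg, sig)
}

// envelope length-prefixes each field so that the purpose and the message
// cannot be re-split into a different (purpose, message) pair.
func envelope(purpose string, msg []byte) []byte {
	var out []byte
	for _, part := range [][]byte{[]byte(purpose), msg} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(part)))
		out = append(out, n[:]...)
		out = append(out, part...)
	}
	return out
}

// SignWithPurpose binds a human-readable purpose statement into the signed data.
func SignWithPurpose(priv ed25519.PrivateKey, purpose string, msg []byte) []byte {
	return ed25519.Sign(priv, envelope(purpose, msg))
}

// VerifyWithPurpose succeeds only if the verifier's purpose matches the signer's.
func VerifyWithPurpose(pub ed25519.PublicKey, purpose string, msg []byte, sig []byte) bool {
	return ed25519.Verify(pub, envelope(purpose, msg), sig)
}

func main() {
	pub, priv := DemoKeys()
	msg := []byte("Please merge the draft.") // constructed sample mail body

	bare := SignBare(priv, msg)
	fmt.Println("bare sig read as auth:   ", VerifyBare(pub, msg, PurposeAuth, bare))
	fmt.Println("bare sig read as consent:", VerifyBare(pub, msg, PurposeLegal, bare))

	bound := SignWithPurpose(priv, PurposeAuth, msg)
	fmt.Println("bound sig read as auth:   ", VerifyWithPurpose(pub, PurposeAuth, msg, bound))
	fmt.Println("bound sig read as consent:", VerifyWithPurpose(pub, PurposeLegal, msg, bound))
}
```

The bare signature is accepted under both readings, which is exactly the ambiguity the thread complains about; the purpose-bound signature is accepted only under the reading the signer chose. Binding the statement does not settle what a court will make of it, but it at least moves the meaning from custom and presumption into the signed bytes, where a verifier can check it.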