Vincent Breitmoser <look@my.amazin.horse> writes:
> No feedback on this at all? Should I maybe create a website and logo for
> a surreptitious forwarding attack?

I agree that it is a useful feature. It is implemented as proposed in
Sequoia, you can designate recipients while encrypting a message, and
during signature verification it constrains the validity of the
signatures.

> I'll add some more motivation: There is currently no way to distinguish
> signatures made for plaintext messages from signatures made for encrypted
> messages.
>
> This opens up a scenario where a message is sent as signed cleartext (which
> many people do by default), and only encrypted at a later point, for example
> by an inbound message encryption feature. At that point, there is no way for
> a mail client to tell whether this was actually an e2e encrypted message, or
> sent in the clear.
>
> As a straightforward fix, I propose an additional "sent in the clear"
> subpacket that indicates when a signature was made over a message that is
> sent in the clear, and wasn't intended to authenticate an encrypted message.

I support this proposal.

Thanks,
Justus
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
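
The verification-time check discussed in this thread, as an added example that is not code from the thread or from Sequoia: it parses a signature's hashed subpacket area and classifies a signature found inside a decrypted message. Assumptions: the signature has already verified cryptographically, subpacket type 100 (private/experimental range) is a placeholder for the proposed "sent in the clear" subpacket, and all function names and fingerprints are constructed for illustration.

```python
from enum import Enum

INTENDED_RECIPIENT = 35  # Intended Recipient Fingerprint subpacket
SENT_IN_CLEAR = 100      # HYPOTHETICAL placeholder type for the proposed subpacket

class Verdict(Enum):
    E2E = "signed for this recipient's encrypted copy"
    CLEARTEXT = "signed as cleartext, encrypted only later"
    FORWARDED = "signed for a different recipient"
    UNKNOWN = "signature carries no binding information"

def subpackets(area: bytes):
    """Yield (type, body) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                        # one-octet length
            length, i = first, i + 1
        elif first < 255:                      # two-octet length
            if i + 1 >= len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                  # five-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("truncated subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]  # mask off the critical bit
        i += length

def classify(hashed_area: bytes, my_fingerprints: set) -> Verdict:
    """Classify a verified signature from a message we decrypted (hashed area only)."""
    recipients, clear = set(), False
    for kind, body in subpackets(hashed_area):
        if kind == SENT_IN_CLEAR:
            clear = True
        elif kind == INTENDED_RECIPIENT and len(body) > 1:
            recipients.add(body[1:])           # body[0] is the key version octet
    if clear:                                  # assumed policy: the clear marker wins
        return Verdict.CLEARTEXT
    if not recipients:
        return Verdict.UNKNOWN
    return Verdict.E2E if recipients & my_fingerprints else Verdict.FORWARDED

def make(kind: int, body: bytes = b"", critical: bool = False) -> bytes:
    """Build one short subpacket (one-octet length) for the constructed samples."""
    return bytes([len(body) + 1, kind | (0x80 if critical else 0)]) + body

BOB, CAROL = bytes.fromhex("bb" * 20), bytes.fromhex("cc" * 20)  # constructed
TO_BOB = make(INTENDED_RECIPIENT, b"\x04" + BOB, critical=True)
```

With these samples, classify(TO_BOB, {CAROL}) models the surreptitious forwarding case: the signature is valid but was made for Bob's copy, so Carol's client should not treat it as addressed to her.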