[messaging] On Signed-Only Mails

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Nov 29 01:25:45 PST 2016


Vincent Breitmoser <look at my.amazin.horse> writes:

>In some more detail:
>https://k9mail.github.io/2016/11/24/OpenPGP-Considerations-Part-I.html
>
>[...] Signed-Only Mails are Useless [...]

Yup, and it's for exactly the reasons given there that the S/MIME WG decided
many years ago not to sign messages sent to the list.  Courts, similarly, rule
on the intent of the signer, not some attached bag of bits (see e.g. Steven
Mason's excellent "Electronic Signatures in Law").  So while I wouldn't go so
far as to call them harmful, I'd agree that they're mostly useless, unless
you're using one to make some special point.  Even then, if it's for legal
purposes, a court will look at almost everything but the signature when
deciding on its effect.

Peter.


More information about the Messaging mailing list