[messaging] OpenPGP Trust is broken Was: On Signed-Only Mails

Phillip Hallam-Baker phill at hallambaker.com
Thu Dec 8 05:10:05 PST 2016

There are two sets of problems identified relating to signed emails.

1) Assertions that impersonation makes the signatures worthless
2) Confused legal objections

The second seems to flow from the first but it really isn't clear. In fact
I can't tell what side people are arguing on. Telling people to go read a
book and come back when they agree is not an argument.

The arguments I see here are of the form 'this is really complex and
difficult and there are experts, we are not experts, I am not an expert,
therefore you must all bow down before my ignorance and do it my way'.

That is an audition for a position in the Trump cabinet, not a technical

People have been using signed emails for two decades now and none of the
risks suggested have appeared.

Yes, the OpenPGP Key servers are a 'dumpster fire'. But that affects
confidentiality and integrity equally. And if you think that is a problem
then you should start looking at ways to fix the OpenPGP trust
infrastructure because what you are saying is that the issues you have
identified make the system arguably worse than useless.

CIA: Confidentiality, Integrity, Availability.

The first, most important consideration in virtually every system is to
protect the availability of the data. The second most important is
integrity. Confidentiality is the least important concern.

A bank that is hacked and customer bank details are disclosed is in trouble
but a bank that is hacked and has money stolen is in worse trouble and a
bank who loses its account data and cannot recover it from backups is a

All documents should be signed but only confidential documents need to be
or should be encrypted.
