Scribit Steve Langasek dies 01/04/2007 hora 13:09: > Hrm, is there really an RFC that specifies encryption before signing? AFAIK, the RFC specifies how to build an encrypted MIME body and a signed body. When you want both, you can either store a signed body in the encrypted one, or an encrypted and signed PGP data as an encrypted body... > That would violate the expectation that people other than the intended > recipient of the mail should not be able to verify the source. Which provides you with repudiability for non-recipients, which can be an expectation too. Differently, Pierre -- nowhere.man@levallois.eu.org OpenPGP 0xD9D50D8A
Attachment:
signature.asc
Description: Digital signature