[Enigmail] On signatures

Robert J. Hansen rjh at sixdemonbag.org
Fri Dec 14 13:09:57 PST 2007

Previous message: [Enigmail] On signatures
Next message: [Enigmail] Thunderbird doesn't remember of the passphrase.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thomas Hotz wrote:
> It all boils down to trust: Do you trust the sender to keep his secret
> key and passphrase to himself?

No.  A malicious person interjecting themselves in the middle of the
conversation can add or remove elements from the message at will.  They
can't forge a good signature from a validated key, but they can add bad
signatures willy-nilly.

Previous message: [Enigmail] On signatures
Next message: [Enigmail] Thunderbird doesn't remember of the passphrase.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Enigmail mailing list