[Enigmail] Sender under duress
Eitan Adler
eitanadlerlist at gmail.com
Sun Oct 5 12:39:00 PDT 2008
John Clizbe wrote:
> Eitan Adler wrote:
>> Cryptographic signatures are generally not meant to verify the honesty
>> of the sender. They can only be used reliably to verify that a specific
>> person sent a message.
>
> I think you're layering too much meaning onto a cryptographic signature.
>
> All you can be reliably certain of, if the signature verifies, was that it was
> made with a given key and that the message was not altered in transit.
>
> The duress hypothesis of this thread is a perfect example that a signature does
> not guarantee that the keyholder is actually in control of the key.
>
Alright. Thanks for that.
note to self: be much more specific when posting in the future
More information about the Enigmail
mailing list