[Enigmail] Expect signature header proposal
Eitan Adler
eitanadlerlist at gmail.com
Tue Oct 7 15:56:43 PDT 2008
[snip]
Alright - what about this scenario:
Bob is security conscience and always signs his messages sent to Alice.
Dora wants to harm Bob's career and she sends a forged message
claiming to be from Bob to Alice. Alice is an ordinary human and does
not notice the missing "this message is signed" notice and therefore
acts upon this message. Bob's career is ruined. Alice also gets
messages from many people that don't sign their emails. It would ruin
the effect of an "unsigned message" notice if she got it for every
message that had no signature.
Even if it is not a header there should be some way to enable/disable a
"unsigned message" notice per user.
More information about the Enigmail
mailing list