Christopher R Key <ckey2@eng.ua.edu> writes:
First of all, if the recipient is a newsgroup, why would that particular information need to be part of the signed information?
E.g. if I post some Emacs-worshipping to alt.religion.emacs --- fine. But if someone forwards this to some serious comp.editor group, maybe some people don't understand the jokes... Only one example why it can be neccessarry to include the context (e.g. the recipient) into the signature.
If you post to a newsgroup a message that is only signed (as opposed to encrypted also), then you are obviously not worried about who reads it.
The question is not if I care who reads it. The question is in which context (i.e. in which newsgroup) someone reads it.
The signature is only a method of proving that the important text (message) is unchanged and intact, and that the person who it is supposed to be from is the same who signed it.
Probably many people don't make this destinction between the message and the context. And additionally: I can only proove that someone forwarded my message to a wrong context, when the context is signed, too. Sure, I can include context-information manually, but when we want as many people as possible using strong-crypto, it should be as fool-proof as possible. Therefore I think it would be a good idea to include the context into the signature.
Secondly, if you are sending email to some one and sign it using pgp, wouldn't that person need pgp to prove that in fact you did sign it? Then it can be reasonable that if that person has pgp to prove the signature, that person has pgp to decrypt mail sent to them. Simply sign you message and encrypt it using that person's public key. {SNIP}
Then the receipient decrypts the message, encrypts it under another person's public-key and forwards it to them. And so the context has changed, while my signature is still valid..... Have a nice day! Michael Deindl -- DISCLAIMER: My oppinions are my own, not those of my employer IBM.