Tzafrir Cohen wrote: > On Sat, Jan 10, 2009 at 10:04:53AM -0600, Kevin P. Fleming wrote: >> Tzafrir Cohen wrote: >> >>> Suggested modification) >>> >>> X also signs the message with his public key. >>> >>> (If X doesn't want to, this automated procedure will not apply) >> I don't understand; if X signs the message using his public key, then >> recipients would need X's private key to verify the signature. Who would >> have that besides X? > > Many people publish their public key on keyservers.
Umm... you didn't answer my question! You proposed that X would sign the message using his *public* key. Doing so requires that the recipients of the message use his *private* key to verify the signature, since this is asymmetric key encryption. Normally when an email message is signed, the signature is created using the signer's private key, and the public key is used to verify the signature. This is what I proposed in the original message. >>> The security alias processor has in its keyring the "approved" public >>> keys. If the signature passes, the mail can be simply forwarded as-is. >> No, it can't. It has to be sent onwards to the recipients in encrypted >> form, and the original message can't be sent to them because they don't >> have the private key to use to decrypt the message (they would all need >> the security@ private key to do so). > > This means that the message can no longer be signed. Why? It can be signed by the email processor so that A, B, C and D know that it's a validly forwarded message, and the fact that the processor forwarded it means the processor validated the signature from X on the original message. This is a chain of trust that we'd be satisfied with. >>> Rationale: I wouldn't want this delay for every message I send through >>> the alias. >> I don't imagine this would take more than a minute to process a message. >> It would hardly be noticeable. > > It makes email interactive. Email (by nature) isn't. I hate it when I > have to confirm everything. Even more so when I have to do it every time > around. What would you have to confirm? You'd receive a message from security@, which was signed and encrypted using keys you have in your keyring. Your email client will offer to decrypt the message, and then verify the signature. This is exactly the same as receiving any other encrypted message, there is no 'confirmation' or interactivity. -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: [email protected] Check us out at www.digium.com & www.asterisk.org _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
