From kmail-devel Sun Apr 29 10:50:43 2001 From: Ingo =?iso-8859-13?q?Kl=F6cker?= Date: Sun, 29 Apr 2001 10:50:43 +0000 To: kmail-devel Subject: Forwarding encrypted messages (was: Re: PATCH: reply to signed messages) X-MARC-Message: https://marc.info/?l=kmail-devel&m=98854146519050 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 28. April 2001 21:25, Andreas Gungl wrote: > Well, I think we agree at least concerning the reply to messages. > Encrypted or signed messages should be treated like text only > messages there. Agree. > Back to forwarding, forwarding signed messages is easy, because the > receiver can read them anyway. It's only the question if he can check > the original signature. What's the situation with forwarding > encrypted messages? I get an encrypted message from somebody else. I > would like to forward it to the list (after a request to the original > sender). But you were not able to read it, because you would need my > private key. Could I select the message text and try a forward then? > Do have to use cut & paste? What's the intention on forwarding > encrypted messages? If you have to ask the original sender for permission to forward his encrypted mail to a mailing list or someone both of you know, you could as well ask him to forward the mail himself. OTOH, if you want to forward the message to someone the original sender doesn't know, it makes no sense to ask the original sender to forward the mail to a stranger. Also the decision to forward something depends very much on the contents of the mail. If the mail was encrypted because it contains some personal information the original sender probably doesn't want you to forward it to someone else. But if someone encrypts all his mail for example because of the Cybercrime Convention which just passed the European Council he might allow you to forward his mails if they don't contain personal or confidential information. But maybe not. Because this would render his effort to encrypt all his mails useless. All in all this is a very complicated topic. Even forwarding mails which are not encrypted is problematic because the opinion of the sender and the receiver on the confidentiality of the contents of a mail might differ. As you can see, I haven't fully made up my mind on this difficult question. Right now I would say that forwarding encrypted mails unencrypted is in general not good. It has to be decided for every mail seperately. If the encrypted mail contains information which might be useful to a wider audience the original sender should be persuaded to make this information public himself. Conclusion: IMHO encrypted mails shouldn't be decrypted automatically in order to forward them. In order to anticipate some "bug reports" like "If I forward an encrypted mail it isn't decrypted automatically." maybe a dialog box should pop up if the user tries to forward an encrypted mail which tells him: 1.) that he tries to forward a mail which contains encrypted information 2.) that explains why we consider this a bad idea and therefore don't automatically decrypt the mail 3.) and that advices him to ask the original sender for consent or to ask the original sender to forward the mail himself. Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE66/IHGnR+RTDgudgRAh/CAKDZnAgZevNQw/4AT4rahvmX0CR1AwCfbcfY WxjvH0vp0MVLW2hvygujjSs= =TFtc -----END PGP SIGNATURE----- _______________________________________________ Kmail Developers mailing list Kmail@master.kde.org http://master.kde.org/mailman/listinfo/kmail