[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Forwarding encrypted messages (was: Re: PATCH: reply to signed messages)
From: Ingo =?iso-8859-13?q?Kl=F6cker?= <ingo.kloecker () epost ! de>
Date: 2001-04-29 10:50:43
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday, 28. April 2001 21:25, Andreas Gungl wrote:
> Well, I think we agree at least concerning the reply to messages.
> Encrypted or signed messages should be treated like text only
> messages there.
Agree.
> Back to forwarding, forwarding signed messages is easy, because the
> receiver can read them anyway. It's only the question if he can check
> the original signature. What's the situation with forwarding
> encrypted messages? I get an encrypted message from somebody else. I
> would like to forward it to the list (after a request to the original
> sender). But you were not able to read it, because you would need my
> private key. Could I select the message text and try a forward then?
> Do have to use cut & paste? What's the intention on forwarding
> encrypted messages?
If you have to ask the original sender for permission to forward his
encrypted mail to a mailing list or someone both of you know, you could
as well ask him to forward the mail himself.
OTOH, if you want to forward the message to someone the original sender
doesn't know, it makes no sense to ask the original sender to forward
the mail to a stranger.
Also the decision to forward something depends very much on the
contents of the mail. If the mail was encrypted because it contains
some personal information the original sender probably doesn't want you
to forward it to someone else. But if someone encrypts all his mail for
example because of the Cybercrime Convention which just passed the
European Council he might allow you to forward his mails if they don't
contain personal or confidential information. But maybe not. Because
this would render his effort to encrypt all his mails useless.
All in all this is a very complicated topic. Even forwarding mails
which are not encrypted is problematic because the opinion of the
sender and the receiver on the confidentiality of the contents of a
mail might differ.
As you can see, I haven't fully made up my mind on this difficult
question. Right now I would say that forwarding encrypted mails
unencrypted is in general not good. It has to be decided for every mail
seperately.
If the encrypted mail contains information which might be useful to a
wider audience the original sender should be persuaded to make this
information public himself.
Conclusion:
IMHO encrypted mails shouldn't be decrypted automatically in order to
forward them.
In order to anticipate some "bug reports" like "If I forward an
encrypted mail it isn't decrypted automatically." maybe a dialog box
should pop up if the user tries to forward an encrypted mail which
tells him:
1.) that he tries to forward a mail which contains encrypted information
2.) that explains why we consider this a bad idea and therefore don't
automatically decrypt the mail
3.) and that advices him to ask the original sender for consent or to
ask the original sender to forward the mail himself.
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE66/IHGnR+RTDgudgRAh/CAKDZnAgZevNQw/4AT4rahvmX0CR1AwCfbcfY
WxjvH0vp0MVLW2hvygujjSs=
=TFtc
-----END PGP SIGNATURE-----
_______________________________________________
Kmail Developers mailing list
Kmail@master.kde.org
http://master.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic