[Enigmail] signature test

Florence Fix florence.fix at gmail.com
Sat Feb 16 10:21:42 PST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Phil Stracchino wrote:
[...]
> | How can I now check and prove that this message has been sent by me and
> | has not been tampered with?
> 
> 
> Well, properly speaking, you can't *prove* it.
> 
> (Well, actually, you specifically *as the sender* can, by comparing the
> message to the original you sent and verifying that they are the same.
> But realistically, only you have that option.)
> 
> If I am J. Random User who has no idea whether that key really is your
> key or not, I don't know anything about the authenticity of the message,
> because someone else could have masqueraded as you, written the message,
> and signed it with a key which they assert is yours.  This is the
> UNTRUSTED part of the status above.  The signature is good, but the
> trust status of the key the message was signed with is unknown to me.
> 
> 
> However, if I have had the opportunity to communicate with you and
> personally verify that the key used to sign this message IS INDEED your
> key, and if I personally trust you not to have disclosed your secret key
> or its passphrase to anyone else, then I have a message which I have
> very good confidence was actually written and sent by you.  Even if I
> have not personally corresponded with you and physically exchanged keys,
> I can have reasonably good confidence in the authenticity of the message
> if, even though your key is not directly known to me, it bears
> signatures from other people whom I trust and whose keys I know.  Either
> way, I have good reason to believe that I can trust your key.  (How much
> trust I place in it depends how well I know you personally, how much I
> trust the people who have signed your key, and how trusting - or,
> conversely, how paranoid - I am.)
> 
> Anyway, if through one means or another I have trust in your key, and
> have so marked it on my keyring, I now have a TRUSTED good signature,
> and in *that* case, although I still cannot *prove* that your message
> has not been tampered with unless I can compare it to your original
> message, I am able to know that the possibility anyone has successfully
> done so is vanishingly small.
> 
> 
> Follow that?  :)

Hello Phil, all,

thanks for your reply which I will reread again and again, I think.

What I hope to solve by signing my emails is this:

Most communication with my students is done by mail (this may be normal
for computer science students in the United States, but it isn't
necessarily for a literature professor in France ;-).  This may be mails
about mundane things like appointments, but it may also deal with more
important matters such as grades and grants.  I want to be able to
establish, in case of disagreement (or even litigation), the authorship
of a given message purportedly sent by me.

So, if a student produces an email message (electronically or as a
printout) where I purportedly have said "yes" or "no" to a grant or to a
grade even though I didn't, I want to be able to retrieve my original
and signed message and prove with my signature that the student's
message cannot be the original, but has been tampered with.  Thinking
about it, even without the original it should be possible to determine
whether the student's mail message in question conforms to my signature.

In other words, I don't really care whether the students trust my mails
or not, my need is to be able to show the difference between a 'forged'
message and my original, both being present.  Today, anyone can make up
a message and say, I wrote it.  I need to prove that I didn't.

So, I wonder whether signing my mails fulfills this purpose?  It does
seem to me.

Thanks everybody so far, for your useful and friendly replies.

Florence.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

-----END PGP SIGNATURE-----
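The two separate steps Phil describes (is the signature good for exactly this text, and do I trust that the key is the sender's) and the check Florence wants (an altered copy fails even when the original is not at hand), as an added example that is not part of this thread or of Enigmail/GnuPG. It substitutes Ed25519 from Go's standard library for OpenPGP and keys the keyring by the raw public key; the keys, messages and verdict strings are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type Trust int

const (
	Unknown Trust = iota // never verified: a good signature is still UNTRUSTED
	Trusted              // verified in person, or signed by keys we already trust
)

// Keyring maps a raw public key (a constructed stand-in for an OpenPGP key ID)
// to the trust the verifier has assigned to it.
type Keyring map[string]Trust

type Verdict string

const (
	Bad           Verdict = "BAD signature: text or signature altered"
	GoodUntrusted Verdict = "Good signature, UNTRUSTED key"
	GoodTrusted   Verdict = "Good signature, TRUSTED key"
)

// Check runs the cryptographic check first (does sig match exactly this text
// under this key?) and only then the keyring lookup (is this key trusted?).
func Check(ring Keyring, pub ed25519.PublicKey, msg, sig []byte) Verdict {
	if !ed25519.Verify(pub, msg, sig) {
		return Bad
	}
	if ring[string(pub)] == Trusted {
		return GoodTrusted
	}
	return GoodUntrusted
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed stand-in for the sender's key
	original := []byte("Your grant is approved. -- Florence")
	sig := ed25519.Sign(priv, original)
	forged := []byte("Your grant is refused. -- Florence") // a student's altered copy
	ring := Keyring{}
	fmt.Println(Check(ring, pub, original, sig)) // Good signature, UNTRUSTED key
	ring[string(pub)] = Trusted                  // after checking the key out of band
	fmt.Println(Check(ring, pub, original, sig)) // Good signature, TRUSTED key
	fmt.Println(Check(ring, pub, forged, sig))   // BAD signature, no original needed
}
```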

