[Enigmail] Expect signature header proposal
Robert J. Hansen
rjh at sixdemonbag.org
Sat Oct 4 18:31:53 PDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA224,SHA1
Eitan Adler wrote:
> Can you be a bit more verbose?

How do you know the X-Always-Expect-Sig header should be honored? You'd
need to send some kind of cryptographically signed control message to
every one of your recipients saying "yes, always expect signatures from
me." Otherwise, the simple attack is to set X-Always-Expect-Sig to NO
and presto, the mail kludge is bypassed.

Ah, but now, you say, the trick is the mail server should always keep
track of what each correspondent's state is. Fine: how do you expect
the system to handle people who send email from multiple places? Or
from people who get tired of Enigmail and uninstall it? Or who mess
around with the system, get it set, and then have to deal with their
messages all being flagged as suspect by their correspondents?

What you're talking about doing is establishing a public key
infrastructure. That's a hard problem, and mail kludges are simply not
up to the task.

> And can you think of anything else to solve the "not signed when it
> should be" problem?

I don't acknowledge the existence of a problem in the first place.
Whether something should be signed is not up to the sender. Whether
this message should be signed is not up to me. It's up to each person
reading the message.

If you feel like taking this message seriously, even knowing that it
could have been tampered with in transit -- well, that's your call to
make: this message doesn't need to be signed. If you feel otherwise,
that, too, is your call to make, and this message should have been signed.
But I, as the sender, get precisely _zero_ say in whether a message
should have been signed.

In voting security, one of our maxims is that voting security doesn't
exist to persuade the winner he won, but the loser that he lost. After
all, winners always think their victory counts. It's only losers who
need to be persuaded.

In communications security, an equivalent maxim would be that senders
don't get a say in whether a message should be/needs to be signed. Only
the message recipients do.

... So, in essence, you have:
(a) misunderstood the problem,
(b) seen a nonexistent problem instead, and
(c) solved it badly.

Sorry.
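An added illustration of the argument in the post above (example code, not from the thread or from Enigmail): a check that honors the sender's X-Always-Expect-Sig header is defeated by an unsigned message that simply says NO, while a per-sender expectation held by the recipient flags the same message. The two messages and the address alice@example.org are constructed samples, and signature presence is detected only by the clearsign armor markers, not cryptographically verified.

```python
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

# Constructed sample: a clearsigned message whose sender asserts YES.
SIGNED_MSG = """From: alice@example.org
To: bob@example.org
X-Always-Expect-Sig: YES
Subject: status

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

report attached
-----BEGIN PGP SIGNATURE-----
(placeholder armor, constructed for the example)
-----END PGP SIGNATURE-----
"""

# Constructed sample: the bypass described in the post. An unsigned message
# from the same address simply sets the header to NO.
UNSIGNED_NO_MSG = """From: alice@example.org
To: bob@example.org
X-Always-Expect-Sig: NO
Subject: status

report attached
"""


def has_inline_signature(msg: Message) -> bool:
    """Presence check only: looks for clearsign armor, does not verify it."""
    body = msg.get_payload()
    return ("-----BEGIN PGP SIGNED MESSAGE-----" in body
            and "-----BEGIN PGP SIGNATURE-----" in body)


def header_policy_flags(msg: Message) -> bool:
    """Naive rule: trust the sender's own header. True means 'flag as suspect'."""
    expect = msg.get("X-Always-Expect-Sig", "NO").strip().upper() == "YES"
    return expect and not has_inline_signature(msg)


def recipient_policy_flags(msg: Message, expectations: dict) -> bool:
    """Recipient's rule: consult a locally held table keyed by sender address
    and ignore whatever the message claims about itself."""
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return expectations.get(sender, False) and not has_inline_signature(msg)
```

With the recipient's table set to expect signatures from alice@example.org, the unsigned NO message is flagged by `recipient_policy_flags` but passes `header_policy_flags` untouched.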