[Enigmail] Expect signature header proposal

John W. Moore III jmoore3rd at bellsouth.net
Tue Oct 7 16:37:03 PDT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Eitan Adler wrote:

> Even if it is not a header there should be some way to enable/disable a
> "unsigned message" notice per user.

Er....  At the risk of sounding rude & 'short' I'd like to point out
that there is such a 'feature'; it is called the practice of 'due
diligence' on the part of the Message Recipient.  If Bob 'Signs' /every/
Message and Alice fails to notice/observe that a Message "from Bob" is
un-Signed prior to taking action on the contents of said Message without
confirming with Bob then the 'negligence' rests with Alice.  Period!  If
Alice is so careless as to not observe that the Signature is absent;
what guarantees that Alice would notice the 'notice' that "This Message
is Not Signed"?   In the litigious Society in which We now live Your
'scenario' would probably result in the next Message received by Alice
being from Bob's attorney.

The onus for Bob's career woes would rest squarely on Alice's shoulders.
 Only the presence of a verified Signature from Bob carries any
significant meaning.  The absence of the customary Signature should
alert Alice to double check the veracity of the missive _prior_ to
taking action based solely upon said Message.  I fail to see the
practicality of even attempting to 'idiot proof' the absence of a
Signature.  If Alice [or any Recipient] is so security careless as to
not observe the lack of a verified Signature then there is no protocol
that will correct Her foolishness.  :-\  <SIGH>

JOHN ;)
Timestamp: Tuesday 07 Oct 2008, 19:36  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn4845: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: https://www.gswot.org
Comment: Homepage:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJI6/KdAAoJEBCGy9eAtCsPnzgH/3bnlflNmxtI6U0H3Nr5avf9
MTvi1MnRLgJgU8rkiIrXfLwqb9QqVaWx6pasYaZ7QNZYO+28eSUBePGbJ0G0TDB5
ral3XohAR4jAUm50Ckyp5WLqEjoA4itxLu1tagmlTNuCfmYIMQ1fHdxp8FJZ28uw
EVcIV1JZ/Va73pxYzDXYR4Ijw2aMnesbX0EwXFH+jIIRMsaepTC9xm5zNlTXWZnW
y6WH1htYyEM1QGuXSqPGXgg1LUfmSGNXY6mRGNuteRRlKvo2hRTkcAGHNosE6jpp
2t2dqcUX53r9KC/ZDCA7n3k5iKyAA900+CBVjdd3KWLi8y4mewmQ+4hiigreKQY=
=6MgW
-----END PGP SIGNATURE-----

More information about the Enigmail mailing list