Hacker News new | ask | show | jobs
by wizzwizz4 1742 days ago
“Message forgery by the recipient” is a bit strong. It's more like “lying by the recipient”, since the signature is only meaningful to the recipient.

This stops stuff you say in chat from following you around, unless you choose to sign it with your regular private key.
1 comments
dathinab 1742 days ago
“Message forgery by the recipient” is a bit strong.

It's exactly what it allows: The recipient can forge a message they supposedly did receive.

Try explaining "yes it's encrypted and prevents forgery, but not if it's forged by the recipient" to a judge or the media after there was a scandal ;=)

link
wizzwizz4 1742 days ago
Messages are put into wax-sealed envelopes before being sent over the internet. This evidence is an open envelope with some wax on it.

This digital signature proves the message was written by a party to the communication, but it doesn't prove which one.

Encryption keys can be used to make digital signatures. Anyone with the key for this communication could've made that signature; not just the sender, but the receiver as well.

(I'm sure you can think of more.)

link