© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
> Btw, in my opinion encryption is more important than signing.
It's not, but irrelevant discussion here.
> The replacement message even proves that the signature was valid before.
No, it does *not*. That's what I said in my initial description.
Any implementation would have to ensure that the msg can only be added by the
local application. That means: Not in body or even headers, but stored in
internal meta-data, in ways that provably cannot be seeded by incoming, fwrd
etc. msgs, and displayed in the header pane.
Note that this msg would be lost when looked at on IMAP on a different machine,
after a copy to another machine etc., and definitely when forwarded (see above).
THe msg would then appear completely unsigned (which it is).
> Of course somebody could break into the user's machine. But then
> also digital certificates could be altered.
No, they could not. The display could, yes. But a break-in is not my main concern.