Scribit Steve Langasek dies 01/04/2007 hora 13:09: > Hrm, is there really an RFC that specifies encryption before signing?
AFAIK, the RFC specifies how to build an encrypted MIME body and a signed body. When you want both, you can either store a signed body in the encrypted one, or an encrypted and signed PGP data as an encrypted body... > That would violate the expectation that people other than the intended > recipient of the mail should not be able to verify the source. Which provides you with repudiability for non-recipients, which can be an expectation too. Differently, Pierre -- [EMAIL PROTECTED] OpenPGP 0xD9D50D8A
signature.asc
Description: Digital signature