On Wed, Sep 3, 2025 at 4:35 PM Teemu Likonen <[email protected]> wrote:

> Thanks for the discussion. Now my thoughts about e-mail encryption
> problems. Hopefully I'm not repeating too much those usual and often
> repeated issues...


A good book on the subject is Peter Gutmann's Engineering Security,
<https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf>. He explains how to
build secure systems. He discusses email security, along with encryption
and other privacy issues. From the section titled Encrypted Email on page
774:

    An example of a conflict between user expectations and security design
    that would have been revealed by proactive testing was turned up when
    security usability studies showed that email users typically weren’t
    aware that (a) messages can be modified as they move across the
    Internet, (b) encrypting a message doesn’t provide any protection
    against such modification, and (c) signing a message does protect it.
    The users had assumed that encrypting a message provided integrity
    protection but that signing it simply appended the equivalent of a
    pen-and-paper signature to the end of it.

Jeff
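
An added illustration of points (b) and (c) in the quoted passage, not code from this email or from Gutmann's book: a message encrypted without an integrity check is altered in transit and still decrypts cleanly, while an authentication tag over the ciphertext exposes the change. The stream cipher here is a constructed toy (SHA-256 in counter mode), HMAC stands in for the signature because Python's standard library has no public-key signatures, and all keys and messages are constructed sample values.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Constructed toy stream cipher: SHA-256 in counter mode (illustration only)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call decrypts.
    return xor(data, keystream(key, nonce, len(data)))

decrypt = encrypt

def tag(mac_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # Integrity tag over nonce and ciphertext (stand-in for a signature).
    return hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()

def verify(mac_key: bytes, nonce: bytes, ciphertext: bytes, t: bytes) -> bool:
    return hmac.compare_digest(tag(mac_key, nonce, ciphertext), t)

def modify_in_transit(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    # No key is used here: XORing the difference between the expected and the
    # replacement text into the ciphertext changes what the receiver decrypts.
    patched = xor(ciphertext[offset:offset + len(old)], xor(old, new))
    return ciphertext[:offset] + patched + ciphertext[offset + len(old):]

def demo() -> dict:
    enc_key, mac_key, nonce = b"E" * 32, b"M" * 32, b"N" * 12  # constructed values
    message = b"Meet at 10:00 in room 4"                       # constructed message
    ct = encrypt(enc_key, nonce, message)
    t = tag(mac_key, nonce, ct)
    tampered = modify_in_transit(ct, 8, b"10:00", b"16:30")
    return {
        # Encryption alone: the altered message decrypts without any error.
        "decrypted_tampered": decrypt(enc_key, nonce, tampered),
        # With an integrity check, the receiver rejects the altered ciphertext.
        "original_verifies": verify(mac_key, nonce, ct, t),
        "tampered_verifies": verify(mac_key, nonce, tampered, t),
    }

if __name__ == "__main__":
    print(demo())
```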
