At 09:45 AM 6/24/2001 +0800, Enzo Michelangeli wrote:
A question for legal experts on the list: Does all this pose legal risks
within the current legal framework? In other word, do current digital
signature laws assume that also the headers are assumed to be authenticated
and non-repudiable if
The laws I have seen are not specific enough to deal with what gets
included in a digitally signed message. These laws define 'digital
signature' and in some cases invoke so-called trusted third parties to
issues certs, etc., but I haven't seen a law yet with the level of
detail that would
- Original Message -
From: Greg Broiles [EMAIL PROTECTED]
To: Enzo Michelangeli [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, June 25, 2001 1:32 AM
Subject: Re: crypto flaw in secure mail standards
[...]
The digital signature laws I've seen don't mention and don't support the
Derek Atkins [EMAIL PROTECTED] wrote:
The problem is not at all with the crypto. The problem is with the
integration of the crypto with applications like e-mail.
In this spirit, I have produced a patch for Mutt that adds an option
to include the To:, From:, CC:, and Subject: headers at the
