OSDev.org

The Place to Start for Operating System Developers
https://f.osdev.org/

Signing emails with recipient's key

https://f.osdev.org/viewtopic.php?t=5073

Page 1 of 1

Signing emails with recipient's key

Posted: Mon Apr 24, 2006 2:17 pm
by Kemp
From 'secure file system':
You know, if everybody would encrypt, or at least sign, all e-mail with the public key of the recepient, that would be a 100% fool-proof spam filter right there. No spammer could afford to get and use all those individual public keys, bye-bye mass mailings. Just filter out any mails that are not signed with your public key.

PS: My PGP fingerprint is 0xA7E3A71B. You are welcome to encrypt any mail you send me, trivial or not.
I'm actually quite interested in convincing people that this is a good idea. Problem at the moment is I use Outlook 2003 for my email and it appears that the only way you can set it up in there is to sign outgoing messages with your own public key in order to confirm the 'From' field is correct and you are who you say you are (with the key being given to you by one of the usual certificate authority).

Does anyone have any idea how to implement Solar's suggestion in Outlook (or if it's even possible)? Also, the filtering based on whether incoming emails are signed with your key.


Edit:
I have found an Outlook plugin that can perform encryption/decryption of mail messages based on the recipient's public key, how does that sound? Is full encryption preferable or does it get in the way to have to decrypt each message you receive?

Re:Signing emails with recipient's key

Posted: Tue Apr 25, 2006 2:50 am
by Solar
You can set up virtually anything, given that you can write VB plugins for Outlook. As for the status of existing, ready-made solutions, I don't know, as I am using KMail / Linux for some time now. ;-)

Signing would be sufficient for the anti-spam use. A mass-mailer would have to sign every individual mail with a seperate key, or sign the mail with all keys of all recipients - both of which are basically show-stoppers.

From a privacy standpoint, I prefer full encryption. It doesn't matter whether you're sending me a "happy birthday" or the root password of your webserver. The question "what do you have to hide?" is something from Gestapo times, and I can't really stand how "democratic" governments get away with it today.

Re:Signing emails with recipient's key

Posted: Thu Apr 27, 2006 5:31 am
by Pype.Clicker
Solar wrote: The question "what do you have to hide?" is something from Gestapo times, and I can't really stand how "democratic" governments get away with it today.
And i have a couple of friends for who the answer to the question is "none of your business" :P
All times are UTC-06:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited