Kuro5hin.org: technology and culture, from the trenches

PGP-signing all email: good or bad?

By molo in Internet
Tue Jan 23, 2001 at 10:29:03 PM EST
Tags: Software

About eight months ago, I switched email clients to Mutt and began GPG-signing all outgoing email (Mutt makes it easy). After giving it some thought, I am now questioning my decision.


When I sign an email, I basically identify that it really came from me. The implications of this could be big if a legal situation ever arises that has email communication as evidence. Possible results:

  • If someone spoofs my email address and the message is not signed with my key, it becomes most likely that I didn't write the spoof, or at least that if I did, I was trying to hide it. This is probably good.

  • If someone gains access to my key and passphrase, then they could sign messages and masquerade as me with impunity. This is bad, but that is why revocation certificates exist.

  • If the content of my email is the subject of a dispute, it could strengthen my opponent's case by proving that the message actually came from me (think libel). While it is perhaps ethically questionable to call into question the validity of a message which you well know you wrote, it would not be outside of the scope of a legal defense. By signing the message and showing that I (or someone with my key and passphrase) originated it, I would no longer be able to call the validity of the email into question with nearly as much uncertainty as before. This is bad if it is done against me, but good if I am able to do it against someone else (just thinking from a legal perspective).

I'm not sure why I'm thinking about this. Perhaps I should be more careful about what I say in my emails, or perhaps I should be leaving my emails unsigned and saying whatever I want.

Would this be a cause for lawsuits? Would this be more harmful to the signer than good? If people knew that they could be sued for what they say in an email or web log post, wouldn't it place stronger limits in their minds about what is acceptable speech? Might this change internet society to some extent? Also, wasn't there a recent initiative to allow digital signatures to be legally binding in the US? Would this apply here?

Since I don't like the idea of choosing to limit my speech, perhaps I should just ignore the whole situation and say what I want irrespective of legal implications.

Regardless, I don't know what to make of all this anymore. I'm looking for some advice. I'd be interested to see what everyone else has to say about this.

-molo


Poll
PGP signatures on all email?
o Good 41%
o Bad 16%
o Undecided 36%
o Huh? 4%

Votes: 65

Related Links
o Mutt
o GPG


PGP-signing all email: good or bad? | 19 comments (19 topical, 0 editorial, 0 hidden)
Non-repudiation (3.75 / 8) (#1)
by Signal 11 on Tue Jan 23, 2001 at 06:31:22 PM EST

Remember, it's your computer signing the document, not you. It's never you. Despite the act Clinton signed into law not too long ago making digital signatures equivalent to online signatures, the technical accuracy of such a thing could be easily disputed.

In short, if you're to be screwed, it won't be because of the technical aspects of "signing" your e-mails.


--
Society needs therapy. It's having
trouble accepting itself.

forgery (3.20 / 5) (#7)
by Delirium on Tue Jan 23, 2001 at 06:59:37 PM EST

Well, in my non-lawyer opinion it seems that this makes digital signatures about equivalent to actual physical signatures. In both cases, you can dispute that it really was you who signed the document, since physical signatures can be forged as well.

but there's a difference (4.00 / 4) (#11)
by burris on Tue Jan 23, 2001 at 10:49:08 PM EST

The difference of course between a real pen and ink signature and a digital one is there is a necessary relationship between the ink signature and the hand that made it. No such relationship exists with a digital signature. It isn't possible for someone else to make my pen signature exactly the way I do, it isn't even possible for myself to make the same signature twice. This makes it very difficult to forge a signature that will pass rigorous inspection when its legal status is called into question. A digital signature made with my key but upon the action of another person is utterly indistinguishable from a digital signature made with my key and with my authorization. There is absolutely no link between a digital signature and the person who made it. It's impossible to just look at the digital signature itself, perhaps comparing it to a digital signature I make upon command, and determine who made it. No information about who made the signature is present in a digital signature. It only tells you what key made it. How much you trust that key to have only been in the possession of the entities you think it has is entirely separate.

Burris


Signatures are meant to verify identity (3.37 / 8) (#2)
by maynard on Tue Jan 23, 2001 at 06:33:21 PM EST

Should you be able to walk into a bank and take out a mortgage without signing the contract? Of course, signing it leaves you open to the financial responsibility of a binding legal contract with your bank, which they wouldn't accept on any other terms, but by your logic you're arguing that maybe placing your John Hancock isn't such a good idea. For conducting business, there's no other way.

From a practical standpoint, it doesn't make much sense to legally sign memos, short notes, threatening letters, and sexually explicit poems to your stalkee. If that's what you were thinking, well... I agree!

--Maynard

Read The Proxies, a short crime thriller.

Digital signature != legal signature (3.90 / 10) (#3)
by CanSpice on Tue Jan 23, 2001 at 06:33:49 PM EST

There's a problem with digital signatures that was raised by Bruce Schneier that is, IMO, a fairly good problem. You don't sign the document, your computer signs it. You have to have trust in both your computer and the people that wrote GPG that the signature on the bottom of your document is signed correctly. It's a seemingly minor point, but odds are, a digital signature wouldn't hold up in court. If you're digitally signing your emails and documents, you should be aware of this important point.
 
I'm not about to quote Mr. Schneier's entire Crypto-gram article on digital signatures. For those who would like to read it, read it here.
--- I don't have a sig.
Didn't they legalize digital signatures? (3.50 / 4) (#4)
by barzok on Tue Jan 23, 2001 at 06:44:53 PM EST

I thought Prez. Bill signed a law making digital signatures legal back in September? Or do these not apply?

Supreme Court could come into play... (3.20 / 5) (#5)
by CanSpice on Tue Jan 23, 2001 at 06:53:41 PM EST

I don't know the American legal system terribly well (I live in Canada) but I would imagine that even though Clinton signed this bill, should a digital signature ever make it into a legal proceeding somehow, it would more than likely be thrown out as evidence, for the reason that the individual person did not sign the document. The computer did. It's sort of why notarized signatures are prized so highly legally, rather than run-of-the-mill physical signatures. There's better proof that the individual signatory signed the signature with a notarized signature. With a digital signature the computer did the signing, not you. That's a legal difference that would probably rear its head in a court of law, regardless of what bills Clinton signed.

As far as I know, the Supreme Court has authority to strike down any laws raised by the other branches of the government. But, like I said, I don't know the American legal system that well.
--- I don't have a sig.
supreme court (4.00 / 4) (#6)
by Delirium on Tue Jan 23, 2001 at 06:57:16 PM EST

Well, the Supreme Court can only strike down laws if it finds them to violate the US Constitution. Generally things like the admissibility in court of evidence are determined by laws, so the courts usually limit themselves to interpreting those laws. In this case the relevant law says digital signatures are valid signatures.

Of course the Supreme Court could rule that this evidentiary rule is a violation of someone's rights (possibly due process rights or right to a fair trial), but as to whether that's likely, I have no idea.


That's what passphrase and revocation is for... (4.00 / 9) (#8)
by Speare on Tue Jan 23, 2001 at 07:08:14 PM EST

Never let anyone find out your passphrase.

There are three exposure risks for your passphrase.

  • Don't write it down anywhere. Use your head.
  • Don't type it when people are observing you.
  • Check your system out regularly; is an unknown running process sniffing the keyboard?
  • If you feel your passphrase has been compromised, revoke the key. As a matter of course, you may want to make time-sensitive keys that expire regularly. Every 1 January, make a new key and revoke the old one.


[ e d @ h a l l e y . c c ]
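The lifecycle Speare describes (a key with a built-in expiry, and a revocation the moment the passphrase is suspected compromised) can be walked through against a real gpg. The block below is an added example written for this page, not code from the thread or from the GnuPG project: it drives the gpg binary from Python inside a throwaway GNUPGHOME, creates a one-year key, makes a detached signature over a file, verifies it, imports the revocation certificate that gpg 2.1 and later write at key-creation time, and verifies the same signature again. It assumes GnuPG 2.1 or later (gpg and gpgconf) on PATH and returns "SKIP" otherwise; the user id and message text are constructed sample values.

```python
import os
import shutil
import subprocess
import tempfile

# Constructed sample values; example.invalid is reserved and never resolves.
UID = "Demo Key <demo@example.invalid>"
MESSAGE = "Hello, world.\n"


def gpg(home, *args, stdin=None):
    """Run gpg non-interactively in the given home and return its stdout.

    --status-fd 1 puts the machine-readable "[GNUPG:] ..." lines on stdout;
    the checks below parse those rather than the human-oriented messages.
    """
    cmd = ["gpg", "--batch", "--yes", "--homedir", home, "--status-fd", "1",
           "--pinentry-mode", "loopback", "--passphrase", ""]
    proc = subprocess.run(cmd + list(args), input=stdin, text=True,
                          capture_output=True)
    return proc.stdout


def primary_fingerprint(home):
    """Fingerprint of the first secret key (field 10 of the 'fpr' record)."""
    for line in gpg(home, "--with-colons", "--list-secret-keys").splitlines():
        if line.startswith("fpr:"):
            return line.split(":")[9]
    raise RuntimeError("no secret key in " + home)


def signature_status(home, sig_path, data_path):
    """Reduce one verification to a single status token, most severe first."""
    out = gpg(home, "--verify", sig_path, data_path)
    for token in ("REVKEYSIG", "EXPKEYSIG", "BADSIG", "GOODSIG"):
        if f"[GNUPG:] {token} " in out:
            return token
    return "NOSIG"


def lifecycle():
    """Return 'GOODSIG REVKEYSIG' (status before and after revoking) or 'SKIP'."""
    if shutil.which("gpg") is None or shutil.which("gpgconf") is None:
        return "SKIP"
    home = tempfile.mkdtemp(prefix="gnupg-demo-")   # created mode 0700
    try:
        # 1. A key that expires in a year: Speare's "new key every January".
        gpg(home, "--quick-generate-key", UID, "default", "default", "1y")
        fpr = primary_fingerprint(home)

        # 2. Detached signature over a file, then verification: GOODSIG.
        data = os.path.join(home, "msg.txt")
        sig = data + ".asc"
        with open(data, "w") as fh:
            fh.write(MESSAGE)
        gpg(home, "--local-user", fpr, "--armor", "--detach-sign",
            "--output", sig, data)
        before = signature_status(home, sig, data)

        # 3. Revoke. gpg 2.1+ writes a revocation certificate at key creation
        # under openpgp-revocs.d, with a leading colon on the armor header so
        # it cannot be imported by accident; strip the colon and import it.
        rev_path = os.path.join(home, "openpgp-revocs.d", fpr + ".rev")
        with open(rev_path) as fh:
            cert = "".join(l[1:] if l.startswith(":") else l for l in fh)
        gpg(home, "--import", stdin=cert)

        # 4. Same file, same signature, but the key is now revoked: REVKEYSIG.
        after = signature_status(home, sig, data)
        return f"{before} {after}"
    finally:
        subprocess.run(["gpgconf", "--homedir", home, "--kill", "gpg-agent"],
                       capture_output=True)
        shutil.rmtree(home, ignore_errors=True)


if __name__ == "__main__":
    print(lifecycle())
```

Note what does and does not change: the signature bytes are untouched and still verify mathematically; only the status token moves from GOODSIG to REVKEYSIG. Revocation tells later verifiers to stop trusting the key, it does not undo anything signed while the key was believed valid, which is the reason the comment pairs revocation with keys that expire on a schedule.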
Libel? (3.60 / 10) (#9)
by kovacsp on Tue Jan 23, 2001 at 08:06:51 PM EST

Unless you're in a habit of posting inflammatory material to mailing lists, I don't know how an email could constitute libel. An email is a private communication, and I've never heard of anybody being convicted of libel through private written communication. (Not that I did any research, so feel free to correct me on this one.)

Besides which, I don't think that's a good reason not to sign your emails. If that's what you're worried about, then there are many other ways to trace back an email to you, including your use of language, headers, ISP logs, etc. The last thing I would worry about is a digital signature.

Besides, I can make a digital signature with the id of "George W. Bush <president@whitehouse.gov>" but that doesn't mean it came from him. Digital signatures are only as trustworthy as the network they are transmitted on, and the people you get them from.

It's bad ;-) (2.78 / 14) (#10)
by joto on Tue Jan 23, 2001 at 08:51:44 PM EST

It's bad because they take up space in my mail-reader. Just as long .signatures are bad. Or attaching vCards is bad. Or using HTML is bad. Or just about anything else stupid people do with their email.

If you know your receiver has no interest in the PGP-signing of your email, then there is little reason to annoy them with it. And I have yet to know anyone who actually checks PGP signatures of email they get.

But of course, if it is economic transactions or something equally important you communicate about, then talk to your receiver, and make sure you both check each other's signatures.

why? (4.83 / 6) (#13)
by klamath on Tue Jan 23, 2001 at 11:33:19 PM EST

It's bad because they take up space in my mail-reader. Just as long .signatures are bad. Or attaching vCards is bad. Or using HTML is bad. Or just about anything else stupid people do with their email.
Why is this bad? Yes, it takes up a bit more space. So what? It's not like your ISP's SMTP server can't handle it, or it will significantly affect the time to get your mail from your ISP (if it does, just use fetchmail as a daemon in the background). If attachments like PGP signatures visually clutter your email, get an MUA that doesn't suck -- like mutt, or use procmail or something similar to filter out the attachment before you even see it.

I think PGP signing email is good. For those not interested in verifying your signature, they can just ignore it or have it filtered. For those who are, it adds security. And finally, it spreads the use of crypto/encryption/privacy software, which can only be a good thing.

I have yet to know anyone who actually checks PGP signatures of email they get.
I do. Mutt will automatically connect to a keyserver, get the sender's public key, import it into gnupg, and then verify the signature on the message -- without me needing to do anything. So yes, I verify all PGP-signed mail I get.
Why signing is good (3.37 / 8) (#12)
by Miniluv on Tue Jan 23, 2001 at 11:03:16 PM EST

1) It allows you to stand some small chance of repudiating unsigned emails attempting to masquerade as yours. This isn't that big a deal as you cannot guarantee you do sign everything you send.

2) It allows people who receive digitally signed email from you with a valid signature on a non-repudiated key to comfortably assume you sent it, and that the content is what you put in originally.

3) It adds one more person likely to get screwed on something involving PKI that'll eventually expose some of the larger flaws inherent in the system. Once enough people have been screwed we'll begin putting better systems in place.

One other thing to note, it's fairly easy to prevent theft of your private key, and thus keep the chance of fraudulent signing to a minimum. Force GPG to read the key from a portable storage medium, and never let that leave your possession. This can mean a tamper proof container of some sort, or just a trusted safe.

"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'

Authentication != non-repudiation (4.25 / 8) (#14)
by swr on Wed Jan 24, 2001 at 01:37:01 AM EST

#include <disclaimer.h>
#include <ianal.h>

It is possible to avoid (evade?) the commitment associated with digitally signing everything. I've given some thought to it and decided it is not worth the effort for me, but you may decide differently...

Two words: Plausible deniability. I wouldn't recommend standing up in court and claiming you didn't sign something when you did, but if you have the ability to do so it might discourage people from pressing an issue when a digital signature is their only evidence.

If you sign your documents with a key that is known to be breakable in a real way (eg. RSA under 512 bits) you stop most people from spoofing your mail, while maintaining a small amount of doubt. Unlikely as it may be, you can at least say that it is possible for a third-party to break your key and forge documents.

Another approach would be to create a new key on a regular schedule (highly recommended, especially if you are using a small key or are otherwise not confident about the security of the key over long periods) and post your old private keys to usenet after they have expired and been revoked. Then you can definitely say that it is possible for someone to forge documents with that key. This is not 100% though, as someone could print out your signed document and have it notarized on some date before the key expires.

These solutions bring a problem though. What happens if someone really does break your key or sign documents under a no-longer-private key? Sure nobody can prove it was you, but you can't prove that it wasn't, either. Doubt cuts both ways.
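burris's point in #11 (a signature identifies a key, never a person) and swr's variant above (a deliberately breakable key lets a third party produce the same signature without ever touching the key file) can both be shown with textbook RSA. The block below is an added example, not code from the thread: it uses a toy 63-bit modulus and an unpadded SHA-256 digest so that the factoring step finishes in milliseconds, far below even the "under 512 bits" swr mentions. The two primes, the names and the message are made-up sample values, and nothing here is safe for real signing.

```python
import hashlib
import math
import random

# Toy textbook RSA: tiny modulus, no padding. Insecure on purpose so that the
# factoring attack below runs instantly. Sample primes chosen for the demo:
P = 2147483647        # 2**31 - 1
Q = 4294967291        # 2**32 - 5
E = 65537


def keygen(p=P, q=Q, e=E):
    """Return (public, private) as (n, e) and (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)           # modular inverse, Python 3.8+
    return (n, e), (n, d)


def key_id(pub):
    """Short fingerprint of a public key, the way a keyring would name it."""
    n, e = pub
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()[:16]


def digest(message, n):
    """SHA-256 of the message reduced into Z_n (textbook; real schemes pad)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(priv, message):
    n, d = priv
    return pow(digest(message, n), d, n)


def verify(pub, message, sig):
    n, e = pub
    return pow(sig, e, n) == digest(message, n)


def who_signed(keyring, message, sig):
    """Id of the first key in the keyring that verifies the signature, or None.

    This is everything a verifier can ever report: which key, not which person.
    """
    for pub in keyring:
        if verify(pub, message, sig):
            return key_id(pub)
    return None


def pollard_rho(n, seed=1):
    """Non-trivial factor of composite n (Pollard's rho with Floyd cycle finding)."""
    if n % 2 == 0:
        return 2
    rng = random.Random(seed)
    while True:
        c = rng.randrange(1, n)
        x = y = rng.randrange(2, n)
        d = 1
        while d == 1:
            x = (x * x + c) % n
            y = (y * y + c) % n
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:
            return d


def break_key(pub):
    """Recover the private exponent of a key whose modulus can be factored."""
    n, e = pub
    p = pollard_rho(n)
    q = n // p
    return n, pow(e, -1, (p - 1) * (q - 1))


def demo(message=b"A statement I would later like to deny."):
    alice_pub, alice_priv = keygen()
    keyring = [alice_pub]

    by_alice = sign(alice_priv, message)              # the key's owner
    by_mallory = sign(alice_priv, message)            # copied key file + passphrase
    by_carol = sign(break_key(alice_pub), message)    # public key only, factored

    return {
        "alice": who_signed(keyring, message, by_alice),
        "mallory": who_signed(keyring, message, by_mallory),
        "carol": who_signed(keyring, message, by_carol),
        "bitwise_identical": by_alice == by_mallory == by_carol,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

All three signatures are byte-identical here, so the keyring names the same key id for each. Real OpenPGP signatures carry padding and metadata, so a forged one would usually differ as bytes from a genuine one, but each would verify equally well, which is swr's "doubt cuts both ways": once a key is known to be breakable, a genuine signature from it is no stronger evidence than a forged one.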



Good in theory... (4.00 / 4) (#15)
by pak21 on Wed Jan 24, 2001 at 07:23:23 AM EST

It's a difficult one at the moment, but not for the reasons stated in the article: unless you're in the habit of sending e-mails you'd later like to deny having sent, let's not worry too much about the third point (even ignoring the moral argument). The trouble I see at the moment is that the usage of digital signatures (whether that be PGP, S/MIME or whatever) is so low that adding a signature to every message is pretty close to line noise - 99% of these signatures are going to be ignored and deleted. The question is how we can get the use of digital signatures (or at least, get people verifying signatures they receive, even if they don't send their own) up to a significant minority of the community (however you choose to define that)... if I send a PGP-signed mail at the moment, most of my friends (who certainly aren't technophobes) wouldn't know what to do with it.

Unfortunately, the best way to do all this may be to get PGP (or whatever) support built into Outlook... this presents its own problems with people misunderstanding key management, but is it better than nothing? I don't know...



PGP is in outlook (4.00 / 2) (#16)
by kovacsp on Wed Jan 24, 2001 at 07:42:12 AM EST

Well, you have to download PGP, but the latest version (6.5.whatever) integrates quite nicely into outlook, as good as any mailer integration. It's all a matter of educating people, and convincing them that it's in their interest to encrypt/sign their email.
That is as good as nothing (none / 0) (#19)
by scruffyMark on Fri Jan 26, 2001 at 08:42:29 PM EST

The only way of getting most Windows users using PGP would be for there to be a PGP key generator run as part of the Outlook setup wizard.

Most computer users have no interest at all in being "educated" about their computers. They are tools, they should just work, and if we want people to use them in a powerful way, then they should just work in a powerful way.

After all, what percentage of Windows users would stare blankly at you if you asked them when they last installed a patch or hotfix? People use computers mostly as delivered.

Worried about libel? (4.75 / 4) (#17)
by Robby on Wed Jan 24, 2001 at 03:11:27 PM EST

If the content of my email is the subject of a dispute, it could strengthen my opponent's case by proving that the message actually came from me

Wait a minute, you're getting legal action against you and the first thing you worry about, and planned to use as a line of defense is "I didn't send it.. it was faked!" ?

if you're planning to say something that someone believes is 'illegal', well, go ahead and stop signing your email - there are no disputes. Hell, in fact, get yourself a second email address and never use it. Why? So you can always spoof it, and then have the completely believable defense of "but sir, it wasn't me"

To be honest, if you're going to say something, why not have the balls and admit that "hey, I did it!" . That's why I sign my emails. It strengthens my convictions. If you don't want to sign emails, well, stop doing it. In fact, mutt makes this very easy for you: you can automatically 'not-sign' emails to a particular address, or you can create a folder-hook to 'not-automatically-sign', or you can decide per email.

The point is, yes, it makes you more identifiable, but shouldn't you be more worried about other aspects of the legal actions rather than using an 'I didn't do it - I swear!" defense?
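Miniluv's first point in #12 is that the repudiation benefit only holds if you really do sign everything, and Robby notes above that mutt can be told to skip signing for particular addresses. The block below is an added example, not code from the thread or from mutt: it classifies a batch of sent messages as PGP/MIME-signed (RFC 3156 multipart/signed), inline-signed (a clearsigned body) or unsigned, and reports the unsigned ones whose recipient is not on an explicit exception list, so that any exceptions stay deliberate rather than accidental. The messages are constructed samples with placeholder text where a real signature block would be, and the addresses are made up.

```python
import email
from email import policy

# Constructed sample "Sent" folder. Signature blocks are placeholders only.
SAMPLE_SENT = [
    # PGP/MIME: multipart/signed wrapping the text and a detached signature part.
    """\
From: molo@example.org
To: alice@example.net
Subject: meeting notes
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="sigbound"

--sigbound
Content-Type: text/plain; charset=us-ascii

Notes follow tomorrow.
--sigbound
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

(constructed placeholder, not a real signature)
-----END PGP SIGNATURE-----
--sigbound--
""",
    # Inline (clearsigned) body, what older mutt and PGP setups produced.
    """\
From: molo@example.org
To: bob@example.net
Subject: re: weekend

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Saturday works for me.
-----BEGIN PGP SIGNATURE-----

(constructed placeholder, not a real signature)
-----END PGP SIGNATURE-----
""",
    # Unsigned, to someone who should have received a signed message.
    """\
From: molo@example.org
To: carol@example.net
Subject: draft

Here is the draft I mentioned.
""",
    # Unsigned on purpose: a list that the sender chose never to sign to.
    """\
From: molo@example.org
To: announce@list.example.com
Subject: [announce] release

Release is out.
""",
]

INLINE_MARKER = "-----BEGIN PGP SIGNED MESSAGE-----"


def classify(raw):
    """Return 'pgp-mime', 'inline' or 'unsigned' for one RFC 5322 message.

    Only the presence of a signature structure is checked; whether the
    signature actually verifies is gpg's job, not this script's.
    """
    msg = email.message_from_string(raw, policy=policy.default)
    if (msg.get_content_type() == "multipart/signed"
            and msg.get_param("protocol") == "application/pgp-signature"):
        return "pgp-mime"
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            if part.get_content().lstrip().startswith(INLINE_MARKER):
                return "inline"
    return "unsigned"


def audit(raw_messages, unsigned_ok=frozenset()):
    """(recipient, subject) of every unsigned message to a non-exempt recipient."""
    findings = []
    for raw in raw_messages:
        if classify(raw) != "unsigned":
            continue
        msg = email.message_from_string(raw, policy=policy.default)
        to = str(msg.get("To", "")).strip()
        if to not in unsigned_ok:
            findings.append((to, str(msg.get("Subject", ""))))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SENT, unsigned_ok={"announce@list.example.com"}):
        print("unsigned:", finding)
```

Run against a real Sent folder (for example by feeding it each message of an mbox), the exception set is the same list of addresses that a mutt send-hook would be configured to leave unsigned; anything the audit reports outside that list is a message whose authorship you can neither claim nor disclaim by signature.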

Just don't sign it all (3.40 / 5) (#18)
by kaitian on Wed Jan 24, 2001 at 07:49:04 PM EST

If you think that for some reason that you will have problems with what you say in a email message, just don't sign it. Better yet, spoof your own message so if it gets brought up, just say it was spoofed. You wouldn't be lying.
