Re: [openpgp] [messaging] On Signed-Only Mails

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 07 December 2016 01:41 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4132D1293EE for <openpgp@ietfa.amsl.com>; Tue, 6 Dec 2016 17:41:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mo3GLGIdFbR9 for <openpgp@ietfa.amsl.com>; Tue, 6 Dec 2016 17:41:04 -0800 (PST)
Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 690BB129630 for <openpgp@ietf.org>; Tue, 6 Dec 2016 17:41:02 -0800 (PST)
Received: by mail-wm0-x236.google.com with SMTP id g23so148966942wme.1 for <openpgp@ietf.org>; Tue, 06 Dec 2016 17:41:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=sGu2pBWXuWNhJHkLOcdeNzDKNegDGSSfGM//kNPS0tM=; b=sMC+qwBvizWvBt9RbxuHfIJOiX/I+ygwynm/teYVpWLQZ7hOHDzp7zzFDEUMra9uQ3 d1sc84/doYjeTaGrbPVIHGflvHIG+nXURpgB50mg6BhBkaQpWhotck4Yqsz+5VYXDhny ER2CM6IJfIL+OBzFcPhc/DLRGOl3TSHzGzzgRCuyl25x2gftn2QwZanODAkgnnqlwnu/ FLbymbDk6fqMRIVQOyjhHdyL48fSAGs3rOqIIez8i/PMEzvEqcO6MwZpbjnpMyqJCFlB gNiUXZamMtM4nQn+yYI9R+UmmDnFqYVlY+Sgnpn0dmVuvx790zivvS2tfIiPPQF6qp5l /BNA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=sGu2pBWXuWNhJHkLOcdeNzDKNegDGSSfGM//kNPS0tM=; b=GiY8AlKrgyA/3uIULcPpccrmokflmmNS1Er/3TwVT0BOsZAOE7ZyRToThaZa+uPWgX XCd+fN1hBCaLQpQ/dKkX1TIz8T811Cd4+Jrgs6LAzml3JNbnyaLlMpuTmKT7yK1CHmYG hqyWQH0I6k8P7yFIwD12IDZ9sO70Ncz6qpy3K07SnhOT3HidQrBOQ3s9B2a/siLFLw7a ExbtN1LRqBkWD5WV9l+GDlnF+EXmRkdCF1Vg2rA2I5NFZ6rGSFipW4Lmexheql1Todqg vPbiW86z7aIoM51lBCEe9u/XbsLqB/8y1a0OsFtiqe6LbJf2xWcSkrTPpNVgf8saUXDQ LDpw==
X-Gm-Message-State: AKaTC01JqTXnpsBKdV25XtmZEIdZt6H8KggePNDZ2vl6SMikQQsYbVstNC/vXMNaoy4sHumUst1OBCGcozO79g==
X-Received: by 10.28.72.198 with SMTP id v189mr234387wma.13.1481074860848; Tue, 06 Dec 2016 17:41:00 -0800 (PST)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.194.83.101 with HTTP; Tue, 6 Dec 2016 17:40:59 -0800 (PST)
In-Reply-To: <f84121d0-d1d7-3f7f-ab5b-48643bfe0ee3@iang.org>
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz> <f84121d0-d1d7-3f7f-ab5b-48643bfe0ee3@iang.org>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 06 Dec 2016 20:40:59 -0500
X-Google-Sender-Auth: IkFSfqSyXxCYBNlMg8gyi9uUsaM
Message-ID: <CAMm+LwhiNzHa=f2Vv_sgdL7BAM5ToZmEBF+C0NPadxuMbYQG1Q@mail.gmail.com>
To: ianG <iang@iang.org>
Content-Type: multipart/alternative; boundary="001a114b32bcf77a790543079cb0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/bpMdDMtpOmS7zQQIzIj4RUtHxPI>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] [messaging] On Signed-Only Mails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Dec 2016 01:41:06 -0000

There is actually an extensive literature on what digital signatures mean
from a legal point of view. The ABA has been working on that for decades.
Digital signatures are merely a form of electronic signature. And in the US
at least anything that is intended to have the effect of a signature is a
signature for legal purposes.

If you are going to raise legal issues as a reason to do something then go
study what the law actually is. It really isn't hard even in US common law.
It is even simpler in continental law systems.

The problem of digital signatures creating unintended contracts simply does
not exist. Lawyers thought through those issues in the 1990s.


The reason you need signatures in electronic mail is that there is no way I
am going to let encrypted mail through my spam filter without a signature
from someone I trust. Take out the authentication function and the
encryption function fails.