anonymous mail
remail at tamsun.tamu.edu
remail at tamsun.tamu.edu
Tue Aug 31 12:26:32 PDT 1993
PEM also reveals who signs messages, even when the message is encrypted.
In other words, if I send you a PGP encrypted message which I also signed,
the signature is hidden under the encryption. You do not know who sent you
the PGP message (assuming a cypherpunks remailer or equivalent was used)
until after you decrypt the first "packet" and gaze inside.
PEM, on the other hand, reveals in the clear who signed the message, outside
of the encrypted portion. Also note that to be PEM compliant, you *must*
always sign your messages. So much for anonymous encrypted messages...
There is something to be said for the PGP encapsulated approach...
More information about the Testlist
mailing list