From owner-freebsd-questions  Mon Aug  6 23:44: 9 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from smtp-2.enteract.com (smtp-2.enteract.com [207.229.143.4])
	by hub.freebsd.org (Postfix) with ESMTP id 2211C37B405
	for <freebsd-questions@freebsd.org>; Mon,  6 Aug 2001 23:44:05 -0700 (PDT)
	(envelope-from dscheidt@tumbolia.com)
Received: from shell-2.enteract.com (shell-2.enteract.com [207.229.143.41])
	by smtp-2.enteract.com (Postfix) with ESMTP
	id 89BAD6CE1; Tue,  7 Aug 2001 01:44:04 -0500 (CDT)
Date: Tue, 7 Aug 2001 01:44:04 -0500 (CDT)
From: David Scheidt <dscheidt@tumbolia.com>
X-X-Sender:  <dscheidt@shell-2.enteract.com>
To: parv <parv_@yahoo.com>
Cc: f-q <freebsd-questions@freebsd.org>
Subject: Re: how is mail secure when only signed?
In-Reply-To: <20010807023118.A47821@moo.holy.cow>
Message-ID: <Pine.BSF.4.32L2.0108070137510.89184-100000@shell-2.enteract.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Tue, 7 Aug 2001, parv wrote:

:i am curious as why would some people, thus software, would consider a
:plain text mail which is only signed, not encrypted, w/ public key of
:some encryption scheme as secure? i mean what's stopping alice to use
:bob's public key to sign her mail to dupe the receiver as if mail is
:from bob?

The signature is hash of the message that's been signed using the sender's
*private* key.  Anyone with the sender's public key (and the right software,
natch) can decrypt the hash, and then compare that value to the actual hash
of the message.  If Alice were to sign the message using Bob's public key,
Bob's public key wouldn't decrypt the hash, and the verification fails.

:
:in other words, if public key signature is used to mark mail secure,
:not to actually encrypt, how could the source/owner of public key be
:verified?

The signature can be used to verify that it was sent by the holder of the
private key.  It doesn't mean that it can't be read by anyone, just that it
can't be changed.  For lots of purposes, that's enough.

-- 
dscheidt@tumbolia.com
Bipedalism is only a fad.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message