In article <3BAB6CADBB6CA243A443E7C6674F2AB4082F04A1D6@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> you write:
>Thanks Paul. We're considering untrustable email/DNS/... servers. OK.
>
>This particular email hasn't any jurisprudence value. However, it could have the same value as a registered letter, couldn't it?

Postal mail isn't a very good analogy here. Registered postal mail depends on a trusted third party, the government post office, to make assertions about the mail it handles. It typically provides two services. One is reliable delivery of valuable physical objects like jewelry which doesn't apply to e-mail. The other is to prove that one party sent a message to a second, even if the second party doesn't want it and won't sign for it. (The usual example is a letter from your insurance company saying they've canceled your policy.) In the US they're separate services Registered and Certified mail, elsewhere they're usually combined.

E-mail crypto doesn't do either of those things. A digital signature says that this message really came from whoever, with the physical analogy being a notary stamp. Encrypted e-mail doesn't promise that the mail will be delivered, but makes a negative promise that it will not be delivered to (or at least read by) anyone but the person with the key. If a recipient is cooperative, and sends you back a message signed with the same key to which you encrypted the message, that tells you he got it, but that's not a very interesting case.

In the real world we have centuries of law and practice that tell notaries how to verify someone's identity, and tell recipients what the value of a notary stamp is. In e-mail, we have the web of trust for PGP and for S/MIME third party CAs (or DANE domain assertions) none of which map very well into the way we manage identities in the normal world.

R's,
John