Endpoint Encryption

Hello guys,

I'me facing something weird.

Using PGP desktop with outlook 2011. When receiving a signed email, no issues. When receiving an encrypted email, again, no isses.

But when I'm receiving a signed + encrypted email, it's resulting in an encrypted only email. It's not signed.

When I'm trying to send a signed + encrypted email, again no issue.

I'm facing this problem  with only one client, so I'd say there's something wrong on it, but I cannot figure what. I've checked the policies but everything seems to be normal as I've set the same as on my computer.

Anyone would have an idea ?

Thanks in advance,

Cheers,

 Julian

PGP Desktop Release Notes do not indicate support for Outlook 2011, so this may be the problem.

Does missing signing notation on the on the received email?  In the PGP Messaging Log?

If something is encrypted, it has to be signed, but if something is signed, it doesn't have to be encrypted.  So its got to be signed if its being encrypted, but perhaps its just not showing the fact that it is.  Do you get anything in the PGP Messaging log to indicate that its being signed?  If you change it to Verbose it should show you its being encrypted+signed.

Does this user have any Outlook addons that the other users don't?  If so try disabling them all bar the PGP ones and try again, or maybe enrol this user onto another machine that you know works to see if that changes anything, to eliminate that endpoint as the cause of the problem

Both email and files can be encrypted without being signed.  Are you maybe thinking of some specific situation where this is not the case?

I was taught (by Symantec no less) that encypting without signing has no use, because you cannot verify the origin of the email, so if you click the "Encrypt" button in outlook, the UN will also sign it.  Is that not correct?  

PGP Desktop messaging policies include the Outlook button policies of Encrypt, Sign, and Sign+Encrypt.  Encryption alone may at times be desired if the sole purpose is to conceal what data is being transmitted.  I use to use this setting for routine email that did not need verification when I did not want to bother with entering my very secure passphrase.  Signing is necessary when you want to verify who did the encryption and/or determine whether the encrypted data has been altered. 

I don't really see a use-case for just encrypting then, surely it needs to be verified to be a trusted email, i guess that was just the tutors way of moulding to real life scenarios

This could certainly be someone's decision regarding the needs of their setting.  I can think of unlikely situations where encryption without signing might be appropriate or even needed.  If I'm out of the country with valuable information locked securely in my safe, something might pop up where immediate access to the safe is needed.  I don't happen to have my private key available for signing, so can't sign my email, but I can send the code or combination encrypted to the person.  The only verification needed is that this provides access to the safe.  In my case, I just wanted an "envelope" so that snoops wouldn't know such things as when it would be a good time to burglarize my home.

Thanks all for your answers :)

Let me give you additional details :

When I do send an encrypted & signed email to this user using "Sign" and "Encrypt" buttons in Outlook , he does receive it as an encrypted & signed email, as shown below in Outlook 2010

PGP Pop-Up indicated me that it's been decrypted, and the signature has been verified

When this user is sending me an encrypted & signed email using "Sign" and "Encrypt" buttons in Outlook, I do receive it only encrypted, and not signed, as shown below

PGP Pop-Up indicates me that yes it's been decrypted, but no clue about the signature being verified

But when this same user is sending me a signed only message using the "Sign" button in Outlook, I do receive it signed.

What I'm trying to figure out is why encrypted & signed message are delievered only encrypted, and not signed.

Cheers,

Julian