Even if you don’t care whether anyone sees what’s in your messages, you probably don’t want anyone to be able to modify what you have written and you certainly don’t want anyone to be able to forge messages and make them look as if they came from you. As it happens, forging email—that is, sending a message that appears to be from someone else—has historically been relatively easy and has long been a source of amusement for adolescents (see sidebar). It is also more or less simple to detect a spoofed message, depending on the skills of the spoofed.

Another type of message integrity threat exists. Since Internet messages can pass through open networks, an attacker who has control over an intermediary system could, in theory, grab your message and change part of its content. Assuming that the attacker has taken control of a system that normally processes mail, such an attack could be virtually undetectable.

Both types of attack can be thwarted by using digital signatures on messages. These provide message integrity in two ways:

If the digital signature is properly verified (and if the public key has been reliably distributed to the recipient), then the recipient can be confident in the identity of the author of the message as well as the integrity of the contents of the message.

On the other hand, if the digital signature verification fails, it indicates only that there is something questionable about the message: its contents may have been deliberately modified or corrupted in some way during transit, some piece of digital signature software (either the signing program or the verification program) may be malfunctioning, or the message may have been forged. In any case, a red flag should be raised if the digital signature is not confirmed. The message should not be trusted.
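The two verification outcomes described above, as an added example in Go that is not part of the original text. It assumes Ed25519 as the signature scheme; the type and function names, the address and the message bodies are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// SignedMail is a constructed stand-in for a signed email: the signature
// covers the From header and the body together.
type SignedMail struct {
	From, Body string
	Sig        []byte
}

func signedBytes(from, body string) []byte {
	return []byte("From: " + from + "\r\n\r\n" + body)
}

// Sign produces a message signed with the sender's private key.
func Sign(priv ed25519.PrivateKey, from, body string) SignedMail {
	return SignedMail{from, body, ed25519.Sign(priv, signedBytes(from, body))}
}

// Verify checks the signature against the key the recipient holds for m.From.
// A false result means "do not trust"; it cannot tell tampering, forgery and
// faulty software apart.
func Verify(keyring map[string]ed25519.PublicKey, m SignedMail) bool {
	pub, ok := keyring[m.From]
	if !ok {
		return false // no reliably distributed key for this sender
	}
	return ed25519.Verify(pub, signedBytes(m.From, m.Body), m.Sig)
}

// Demo returns the results for a genuine message, one modified in transit,
// and one forged under the sender's name with a different private key.
func Demo() (genuine, modified, forged bool) {
	alicePub, alicePriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	keyring := map[string]ed25519.PublicKey{"alice@example.org": alicePub}
	msg := Sign(alicePriv, "alice@example.org", "Pay Bob 10 dollars.")
	genuine = Verify(keyring, msg)
	altered := msg
	altered.Body = "Pay Bob 1000 dollars." // changed by an intermediary
	modified = Verify(keyring, altered)
	forged = Verify(keyring, Sign(otherPriv, "alice@example.org", "Pay Bob 10 dollars."))
	return
}

func main() { fmt.Println(Demo()) }
```

The result is only as trustworthy as the keyring: if the recipient had been handed the wrong public key for the sender, the forged message would verify.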