@alex @glyph I wonder whether you feel similarly about MACing and decrypting (they are both similar, insofar they allow the other party to tell that it was you who have done something, but don't allow them to convince anyone else, because they themselves could have done the thing too).