diff --git a/app/models/retraction.rb b/app/models/retraction.rb
index 7683e8ccb..5679822f0 100644
--- a/app/models/retraction.rb
+++ b/app/models/retraction.rb
@@ -1,6 +1,7 @@
 class Retraction
   include ROXML
   include Diaspora::Webhooks
+  include Encryptable
 
   def self.for(object)
     retraction = self.new
@@ -19,6 +20,8 @@ class Retraction
   attr_accessor :type
 
   def perform
+    return unless verify_signature(@creator_signature, Post.first(:id => post_id).person.id)
+     
     begin
       self.type.constantize.destroy(self.post_id)
     rescue NameError
@@ -34,4 +37,28 @@ class Retraction
     end
   end
 
+#ENCRYPTION
+    xml_reader :creator_signature
+    
+    def creator_signature
+      @creator_signature ||= sign if person_id == User.owner.id
+    end
+
+    def creator_signature= input
+      @creator_signature = input
+    end
+
+    def signable_accessors
+      accessors = self.class.roxml_attrs.collect{|definition| 
+        definition.accessor}
+      accessors.delete 'person'
+      accessors.delete 'creator_signature'
+      accessors
+    end
+
+    def signable_string
+      signable_accessors.collect{|accessor| 
+        (self.send accessor.to_sym).to_s}.join ';'
+    end
+  
 end
diff --git a/lib/encryptable.rb b/lib/encryptable.rb
index 98ffdd7a2..632c3e6a2 100644
--- a/lib/encryptable.rb
+++ b/lib/encryptable.rb
@@ -31,7 +31,7 @@
     end
 
     def sign_with_key(key)
-      Rails.logger.info("Signing #{signable_string} with key for person #{self.person.real_name}")
+      Rails.logger.info("Signing #{signable_string}")
       GPGME::sign(signable_string,nil,
           {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]})
     end