| christophe barbé on Sun, 14 Apr 2002 23:40:16 +0200 |
|
I can not speak for everybody but my primary reason to sign all my mails is a militant reason. In a perfect world all mails should be encrypted to the person(s) concerned. If you encrypt only mail with sensitive data, it become easier to detect them and try to brute force them. I you want to be able to exerce your privacy right you need not only a tool like gpg but you need to use it most of the time and you need it to be widespread (this way you reader can decrypt your message and important data are not easily found in all encrypted communications). So the word is not perfect, we need to advertise that we are ready to receive encrypted mails (this is done by displaying your fingerprint and signing your mails). This is my primary reason to sign all my mails. And this is nicely done as an attachment so if you don't care about it, you can ignore the signature. Also sometimes you need to send an encrypted mail to someone you never meet and for who you can't find a path of authentification (between your key and his, what we call the web of trust). So in this case if you have a lot of signed mails from this person, it helps you determine if you can use this key. Christophe On Sun, Apr 14, 2002 at 12:23:41PM -0400, Doug Crompton wrote: > On 14 Apr 2002, Michael Leone wrote: > > > On Sun, 2002-04-14 at 10:35, Doug Crompton wrote: > > > May I ask a perhaps dumb question? Why do you use signed email on this > > > list why would I have a need to validate it? I assume it is just playing > > > here. I can understand why you would in a secure environment. My email > > > does not fit in that category. > > > > Because many people feel that ALL email fits into that category, and > > therefore all email should be signed. Especially since email forgery is > > so easy to do it (spammers do it millions of times a day), it's seen as > > a necessary mechanism, to prove that person claiming to be me .. *is* > > me, and therefore you can confidently assume that the email actually did > > come from Mike Leone, the PLUG member, instead of Mike Leone, my cousin > > from New Jersey (or whoever). > > > > -- > And why should I care if it is REALLY you or not? Would your cousin in NJ > have the knowledge or care to send something to this list? I guess my > point is that in a business or critical situation I certainly understand > it. In a fun or personal operation it is not clear to me. If it eliminates > spam that is a good thing and I am all for it. I suppose if you did not > except any mail from non-signed senders it would, but for the forseeable > future it would also eliminate most of the good mail I receive also. > > And don't get me wrong. This is an experimenters and learning list. Doing > these things helps us all learn. I just wondered if I had to play the game > if I did not want to and what the consequences were if I did not. > > Doug > > **************************** > * Doug Crompton * > * Richboro, PA 18954 * > * 215-431-6307 * > * * > * doug@crompton.com * > * wa3dsp@wa3dsp.ampr.org * > * http://www.crompton.com * > **************************** > > > > ______________________________________________________________________ > Philadelphia Linux Users Group - http://www.phillylinux.org > Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce > General Discussion - http://lists.phillylinux.org/mail/listinfo/plug > -- Christophe Barbé <christophe.barbe@ufies.org> GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8 F67A 8F45 2F1E D72C B41E There's no sense in being precise when you don't even know what you're talking about. -- John von Neumann Attachment:
pgpqEf7xaHCnh.pgp
|
|