I've always considered encryption suitable for areas where paranoia is required. (i.e. state secrets, etc.) But I have come to understand the need in a different way.
Let's relate this to CLUG. If the exec had need to discuss a particular member, or exchange our membership lists, would you feel more comfortable if this were encrypted or plain text? In this sense, encryption makes sense to me. With regards to our average clug-talk postings, encryption probably isn't needed. If someone were to post a message as an exec, well, we monitor the list enough to catch this and post a correction message. But digitally signing our messages would help prevent this in the first place. To that end, I have (finally) created a GPG key for myself and (hopefully) have KMail configured properly to utilize it. Next, I just need to figure out how to enter the keys for people I correspond with who also use GPG. (more reading tonight I guess). As for those who have decided to impersonate myself and Jessie, I think the point has been made. Let's not encourage this.. :) Shawn On Sunday 25 September 2005 20:02, Neil Bower wrote: > On Sun September 25 2005 17:18, Jesse Kline wrote: > > I don't really see the point. I have never seen anyone try to > > impersonate a member of the CLUG executive, nor can I think of a good > > reason why anyone would want to do it. I had GPG setup a few years ago, > > but I couldn't find a good use for it. I love the idea of encryption, > > because we know that there are a number of governments including our own > > monitoring our transmissions, but unless there is a critical mass of > > people using GPG, there is no point to it. > > The point of GPG is to help verify the identity of the person you are > communicating with. When you talk to someone on the phone or live chat, > you generally can recognize the person's voice as that of the person you > are chatting with. If you are talking to someone in person, you recognize > that person for who they are. If you receive a note or letter from someone, > you generally recognize their handwriting or their signature. There is no > way of doing that with e-mail, except with digitally signing your e-mails. > The GPG becomes your signature. > > True, no one has to date impersonated a member of the clug executive, but > GPG signing will help eliminate that possibility from happening. And GPG > sigining is not a big deal or inconvenience if digital signing is set as a > default within your mail client. :-) > > > Neil
pgp9H2hEmradm.pgp
Description: PGP signature
_______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
