On Sun, 3 Dec 2000, Ben Laurie wrote:
> Bram Cohen wrote:
> >
> > Come to think of it, there are some tricky issues with regards to crypto
> > on mailing lists, it might make sense to have a
> > X-crypto-originator [EMAIL PROTECTED] line in the headers to specify that the
> > crypto information contained in that piece of mail applies to the address
> > [EMAIL PROTECTED] - otherwise there's no clear way of unraveling all the
> > possible mixes of from, to, and reply-to headers which could possibly be
> > sent to a mailing list.
>
> Umm. PGP keys are largely self-identifying, at least in this case. It
> wouldn't really matter how the short-lived key arrived, the fact that
> its signatory is the guy you are about to email is the interesting
> thing. Who cares who delivered it to you, or how?
If I recieve mail from a mailing list, it potentially might have info
about both how to encrypt mail sent to the sender, and how to encrypt mail
sent to the list - it really should be able to include both, and specify
which is which.
-Bram Cohen
[Personally, I'm not sure it is worthwhile worrying about how to
encrypt mail to a large mailing list -- a secret known by more than
a couple of people is never secret for long. Signatures on list mail
are another matter. --Perry]
