Peter Gutmann writes: > STARTTLS If Alice and Cathy both implement STARTTLS, and Beatty does not, and Beatty handles email which is ultimately sent to Cathy, then STARTTLS accomplishes nothing. If Uma and Wendy implement DomainKeys, and Violet does not, and Violet handles email which is ultimately sent to Wendy, then Wendy can check Uma's signature.
> [ S/MIME uses huge ugly blogs of base64 crap, and context is > sufficient for authentication. ] So the consensus was not to sign > messages. Before I could send the previous email, I had to tell Perry to accept email from my outgoing email address because I'm subscribed to the list under a list-specific email address. If, instead, Perry had a list of PGP keys and email addresses, he wouldn't *need* to compare the email address on the incoming email. He could just verify the key. Then, he could discard the signature, since everybody has [EMAIL PROTECTED] whitelisted anyway, right? -- --My blog is at angry-economist.russnelson.com | Crynwr sells support for free software | PGPok | Bugs of a feather 521 Pleasant Valley Rd. | +1 315 268 1925 voice | flock together. Potsdam, NY 13676-3213 | FWD# 404529 via VOIP | --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
