On Tue, May 08, 2012 at 04:06:54PM +0300, Mika Suomalainen wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > 08.05.2012 15:47, Indulekha kirjoitti: > > On Tue, May 08, 2012 at 03:41:40PM +0300, Mika Suomalainen wrote: > > 08.05.2012 15:38, Indulekha kirjoitti: > >>>> On Tue, May 08, 2012 at 03:05:30PM +0300, Mika Suomalainen > >>>> wrote: 08.05.2012 15:03, Indulekha kirjoitti: > >>>>>>> On Tue, May 08, 2012 at 03:00:16PM +0300, Mika > >>>>>>> Suomalainen wrote: 08.05.2012 14:57, Indulekha > >>>>>>> kirjoitti: > >>>>>>>>>> On Tue, May 08, 2012 at 02:53:30PM +0300, Mika > >>>>>>>>>> Suomalainen wrote: 08.05.2012 14:45, Jochen > >>>>>>>>>> Spieker kirjoitti: > >>>>>>>>>>>>> Indulekha: > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> No, I think you may have an incorrect or > >>>>>>>>>>>>>> incomplete configuration.... > >>>>>>>>>>>>> > >>>>>>>>>>>>> This is inline vs. MIME: > >>>>>>>>>>>>> > >>>>>>>>>>>>> http://www.phildev.net/pgp/pgp_clear_vs_mime.html > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > > > >>>>>>>>>>>>> > J. > >>>>>>>>>> > >>>>>>>>>> And that page forgets the problems in MIME. > >>>>>>>>>> > >>>>>>>>>> PGP/MIME requires headers, message and the > >>>>>>>>>> signature.asc to be verified. Some mailing list > >>>>>>>>>> programs mess up with the headers and this way > >>>>>>>>>> make PGP/MIME signatures unverifiable. > >>>>>>>>>> > >>>>>>>>>> In INLINE, the signature is in message and it > >>>>>>>>>> doesn't require headers to be verified so it's > >>>>>>>>>> harder to be messed up by mailing list software. > >>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> Well, all I know is that Jochen Spieker is able > >>>>>>>>>> to use it without being intrusive.... Maybe you > >>>>>>>>>> should try to follow his example? :) > >>>>>>> > >>>>>>> If I used PGP/MIME, my signatures couldn't be verified > >>>>>>> on Ubuntu mailing lists (I am on 5 of them if I recall > >>>>>>> correctly), nor Enigmail mailing list nor gnupg-user > >>>>>>> mailing lists nor many others. This is small list of > >>>>>>> those MLs, which I mean with > >>>>>>> http://mkaysi.github.com/PGP/Clearsigning.html . > >>>>>>> > >>>>>>> > >>>>>>> I see... so the people on the *proper* msiling lists > >>>>>>> will just have to suffer then, eh? :\ > >>>>>>> > >>>> > >>>> I don't understand how those other mailing lists are > >>>> inproper. > >>>> > >>>>> > >>>>> > >>>> > >>>> They don't support the considerate version of gpg/pgp. Now > >>>> that I know that people using this actually have a choice and > >>>> choose to be rude, it does make it rather tempting to set up > >>>> an autoresponder and filter to nag them... > > > > Note that gnupg mailing lists are also affected and they aren't > > lists themselves, the problem is in mailing list software. I think > > that they all use GNU Mailman, which is very popular among mailing > > lists. > > > > People don't have a choice if they are on mailing lists, which > > force this by having this bug, but do as you want. > > > >> > >> > >> -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > >> with a subject of "unsubscribe". Trouble? Contact > >> listmas...@lists.debian.org Archive: > >> http://lists.debian.org/4fa91484.6050...@hotmail.com > >> > > > > There is always a choice --for instance you have the choice to only > > sign the maill to those lists. > > > > And if someone spoofs email from my address to this list and it's > unsigned and my messages to this list are always unsigned, I cannot > say that I always sign my emails and that isn't sent by me. >
I think they've come a long way in mediactions to address paranoia these last few years... Seriously, why the devil would anyone want to spoof your email?! What are you, Black Ops? -- ❤ ♫ ❤ ♫ ❤ ♫ ❤ Indulekha -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120508131612.GA11856@radhesyama