On 09/23/15 17:04, Robert J. Hansen wrote: > It's because, 99.9% of the time, a bad signature doesn't mean a hostile > adversary -- it means a noisy network. It means an MTA may have mangled > a PGP/MIME attachment, it means a cosmic ray flipped a bit, whatever.
The former of which is enormously more likely than the latter... :) (Since a cosmic bit-flip is likely to affect only a single message, while a misconfigured MTA will most likely mangle every susceptible message that passes through it.) > I need to think about this some. I think you're right, but not for the > reasons you set out. I think the functional difference comes from what > a bad signature can tell us about the traffic channel itself -- not what > it tells us about the traffic. I wasn't thinking about "what it tells us about the traffic" so much as "even a failed signature conveys information about the sender's intent". Whatever the reason for the failure. But your point about it telling us about failures in the traffic channel is well made. -- Phil Stracchino Babylon Communications [email protected] [email protected] Landline: 603.293.8485
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
