* Jussi Ekholm <[EMAIL PROTECTED]> [2002-03-24 21:09:42 +0200]:
> Rob 'Feztaa' Park <[EMAIL PROTECTED]> wrote:
>
>> Alas! Jussi Ekholm spake thus:
>>> But yeah - what is so bad in PGP signed mails in mailing lists?
>>
>> There is nothing wrong -- the people who say it is wrong are simply
>> heretics.
>>
>> Oh, you _didn't_ want to start a flamewar? Oops... ;)
>
> LOL! Well, maybe we can have just a nice and friendly /discussion/
> instead of a /flamewar/? ;-)
>
> Ah well, I've decided not to use signed mails in mailing lists if
> there isn't any reason for me to do it. What matters is that PGP
> works with my Mutt - whether I use it is a whole other thing... ;-)
Well, here's my two cents for you to add to the stuff you're reading up on.

I encrypt every message I can (which isn't many yet, *sigh*), sign all private mail except to the really militant dissenters (i.e. users of a particular version of Eudora that actually locks up trying to read the message...), and sign all list mail. I sign/encrypt all private mail because it just makes sense. But anyway, this thread is about (not) signing public/list mail. My own reasons for signing all list mail are thus:

1) It increases awareness of cryptography as a mainstream utility. Sometimes people ask me about it; maybe others silently look it up on the web or consult their local nerd resource. :) This is kind of a minor reason though.

2) The main reason I sign all list email is an attempt to _somewhat_ (please note the super-sized emphasis on "somewhat", as it becomes important later) counter the problem of signature authentication for untrusted keys.

Let's pause a minute for a definition: "authentication by trust" is defined as the level of trust a given key is assigned, based on the actual signatures that have been applied to the key by people who are assumed to have been acting in good faith and to have verified the identity of the key owner at the time of signing.

Now let me just explicitly say that what I'm about to describe is _not_ (there's that super-sized emphasis again) a substitute for actual signatures on a key. This is just a suggestion for a "second-best" procedure...

By signing all public mail, I am creating a far-flung "paper trail" on the web and in people's mailboxes of all my signed email. What this means is that if someone gets a message that's signed by a key with my name on it but has no sigs that they themselves trust, they can consult something like Google and find its archive of 2.3 to the power of spork messages that are signed by my public key. They can then say, OK, whoever signed this message also signed all those other messages. A careful examination of a cross-section of those messages may give them some clue, maybe through speech patterns etc., that the person from all those messages is the same one who sent the email they now have in their inbox.

Again, it's not a substitute for actual web-of-trust sigs, but it does at least a little good in a pinch. Just the fact that there are a zillion things out there with my sig lends it credence; after all, it would take a lot of motivation for someone to bother creating a fake key and then manually composing all those messages over the course of time just to fake someone out.

Oh, and of course I also sign just to keep Rob from forging my email. :)

--
still haven't fixed the sig rotation script.
msg26045/pgp00000.pgp
Description: PGP signature
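The archive check proposed in the message above, in working form, as an added example (not code from the original post, and not GnuPG's): pull the issuer out of each message's PGP signature and group the messages by the key that made them. It relies only on the packet format in RFC 4880 plus the Issuer Fingerprint subpacket (type 33) that RFC 9580 and current GnuPG add. The keys, subjects and signature bytes are constructed for the example (the hash prefix and MPIs are dummies, so gpg would reject them), and no cryptographic verification happens here; that stays with `gpg --verify`. Two caveats the prose glosses over: the 64-bit key ID (and the 32-bit short form printed on most sig lines) normally sits in the unhashed area, is not covered by the signature, and is cheap to collide, so match on the full fingerprint; and even a perfect match only shows that one key signed everything, not who holds it, which is exactly why the author calls this a second-best to web-of-trust signatures.

```python
"""Group PGP-signed list messages by the key that issued each signature. Added example, not
code from the original post; it reads only the Issuer (16) and Issuer Fingerprint (33)
subpackets of RFC 4880/9580 v4 signatures and does no cryptographic verification."""
import base64
TAG_SIGNATURE, SUBPKT_ISSUER, SUBPKT_ISSUER_FPR = 2, 16, 33   # sig packet; key ID; fingerprint

def dearmor(text):
    """Strip ASCII armor from a PGP SIGNATURE block; return the raw packet bytes."""
    lines = [l.strip() for l in text.strip().splitlines()]
    body = lines[1:lines.index("-----END PGP SIGNATURE-----")]   # ValueError if not armored
    if "" in body:                                  # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))   # "=xxxx" = CRC

def _length(buf, off, packet=False):
    """Decode a new-format packet length (packet=True) or a subpacket length -> (len, next)."""
    l1 = buf[off]
    if l1 < 192:
        return l1, off + 1
    if l1 == 255:
        return int.from_bytes(buf[off + 1:off + 5], "big"), off + 5
    if packet and l1 >= 224:
        raise ValueError("partial body lengths not supported")
    return ((l1 - 192) << 8) + buf[off + 1] + 192, off + 2

def _packet_header(buf, off):
    """Return (tag, body_offset, body_length) for the packet starting at off."""
    b = buf[off]
    if not b & 0x80:
        raise ValueError("bad packet header")
    if b & 0x40:                                    # new-format header
        length, start = _length(buf, off + 1, packet=True)
        return b & 0x3F, start, length
    tag, ltype = (b >> 2) & 0x0F, b & 0x03          # old-format header (gpg still emits these)
    if ltype == 3:                                  # indeterminate: body runs to end of input
        return tag, off + 1, len(buf) - off - 1
    n = (1, 2, 4)[ltype]
    return tag, off + 1 + n, int.from_bytes(buf[off + 1:off + 1 + n], "big")

def _subpackets(area):
    """Yield (type, data) for each subpacket; the length field counts the type octet."""
    off = 0
    while off < len(area):
        length, off = _length(area, off)
        yield area[off] & 0x7F, area[off + 1:off + length]   # top bit marks "critical"
        off += length

def signature_issuer(packets):
    """Issuer key ID and fingerprint recorded in the first v4 signature packet."""
    off = 0
    while off < len(packets):
        tag, start, length = _packet_header(packets, off)
        body, off = packets[start:start + length], start + length
        if tag != TAG_SIGNATURE:
            continue
        if body[0] != 4:
            raise ValueError("only v4 signatures handled, got v%d" % body[0])
        hlen = int.from_bytes(body[4:6], "big")
        ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
        info = {"keyid": None, "fingerprint": None}
        # Only the hashed area is signed; the Issuer key ID usually sits in the unhashed area.
        for stype, data in [*_subpackets(body[6:6 + hlen]), *_subpackets(body[8 + hlen:8 + hlen + ulen])]:
            if stype == SUBPKT_ISSUER and len(data) == 8:
                info["keyid"] = data.hex().upper()
            elif stype == SUBPKT_ISSUER_FPR and len(data) == 21 and data[0] == 4:
                info["fingerprint"] = data[1:].hex().upper()
        return info
    raise ValueError("no signature packet found")

def group_by_issuer(messages):
    """Map issuing key -> subjects. Prefers the fingerprint: 64-bit key IDs are cheap to collide."""
    groups = {}
    for subject, armored in messages:
        info = signature_issuer(dearmor(armored))
        groups.setdefault(info["fingerprint"] or info["keyid"], []).append(subject)
    return groups

# Constructed sample data: hypothetical keys, dummy hash prefix and MPIs, not real signatures.
def _sub(stype, data): return bytes([len(data) + 1, stype]) + data
def build_sample_signature(keyid_hex, fpr_hex=None):
    """Armored v4 signature packet (old-format header) carrying the given issuer data."""
    hashed = _sub(2, (1016917200).to_bytes(4, "big"))                  # creation time
    if fpr_hex:
        hashed += _sub(SUBPKT_ISSUER_FPR, b"\x04" + bytes.fromhex(fpr_hex))
    unhashed = _sub(SUBPKT_ISSUER, bytes.fromhex(keyid_hex))
    body = (bytes([4, 1, 17, 2])                                        # v4, text sig, DSA, SHA-1
            + len(hashed).to_bytes(2, "big") + hashed + len(unhashed).to_bytes(2, "big") + unhashed
            + b"\xab\xcd" + b"\x00\x08\x80" * 2)                        # hash prefix, MPIs r and s
    packet = bytes([0x80 | (TAG_SIGNATURE << 2), len(body)]) + body
    return ("-----BEGIN PGP SIGNATURE-----\nVersion: constructed sample\n\n"
            + base64.b64encode(packet).decode() + "\n=AAAA\n-----END PGP SIGNATURE-----\n")

KEY_A_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
KEY_A_ID = KEY_A_FPR[-16:]                          # v4 key ID = low 64 bits of the fingerprint
KEY_B_FPR = "FEDCBA9876543210FEDCBA98" + KEY_A_ID   # look-alike key sharing that key ID
SAMPLE_MESSAGES = [("Re: mutt + gpg-agent", build_sample_signature(KEY_A_ID, KEY_A_FPR)),
                   ("Re: procmail recipe", build_sample_signature(KEY_A_ID, KEY_A_FPR)),
                   ("Re: please send money", build_sample_signature(KEY_A_ID, KEY_B_FPR)),
                   ("Re: old gpg, no fingerprint", build_sample_signature(KEY_A_ID))]
```

Calling `group_by_issuer(SAMPLE_MESSAGES)` puts the two messages from key A in one bucket, splits off the look-alike key that shares A's key ID even though a key-ID-only comparison would have merged them, and files the fingerprint-less signature (what an older gpg emits) under the bare key ID, which is the bucket you would then have to check by hand against `gpg --verify` output. On real mail, feed it the detached `application/pgp-signature` part of each archived message.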
