On Mon, Apr 29, 2002 at 12:03:05PM +1000, Jamie Wilkinson wrote: > This one time, at band camp, John Clarke wrote: > >On Thu, Apr 25, 2002 at 12:05:09AM +1000, Angus Lees wrote: > > > >> surely signing email is a Good Thing for distributed communication, > >> and thus SLUG should be setting an example and *encouraging* it. > > > >I agree, but only if we also encourage uploading keys to a public > >keyserver. There's no point signing a message if the recipients don't > >have the key and can't get it. > > Ever since the keysigning in July last year, I've kept a reasonably up to > date SLUG keyring at this url:
Thanks, I think you've missed my point. There have been posts to this list (and several others to which I'm subscribed) which were signed, but the senders had not uploaded their key to a keyserver, making it impossible for some, possibly all, recipients to verify the signature. In the case of those sent to this list, the senders were not at last year's keysigning, nor do they regularly post signed messages to the list. A signed message to a list is OK, as long as the recipients can easily verify the signature. To me, `easily verified' means that gpg can automatically download the key from a keyserver and simply tell me whether the signature was good or bad. Cheers, John -- whois [EMAIL PROTECTED] GPG key id: 0xD59C360F http://kirriwa.net/john/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
