[NTLUG:Discuss] GPG and Signing

Tom Adelstein adelste at netscape.net
Wed Jul 2 16:08:07 CDT 2003 

This is funny in a theater of the absurd kind of way. Your message is 
blank until I reply.

I don't understand why people who have used certificates for years 
should stop and disable them for a mailing list. It makes no sense.

madhat at unspecific.com wrote:

>On Wed, 2003-07-02 at 14:18, Chris Cox wrote:
>  
>
>>MadHat wrote:
>>    
>>
>>>So what is it on this list that makes you think someone is going to
>>>spoof a message from you to this list?  Why would anyone think this list
>>>is important enough to sign every message to verify that message is
>>>really from you? 
>>>
>>>This seems to be overkill, pointless and not to mention breaking in
>>>Evolution for several people.
>>>
>>>As I have said I have submitted a bug to Ximian about this, but what I
>>>want to know is why anyone feels its necessary to sign every message? 
>>>(not that I'll be able to see their replies ;^) hehehehe)
>>>
>>>      
>>>
>>Signing messages can be enabled by default in Mozilla.
>>It's sort of like saying why use passwords on every system
>>you own? It's easier to just do it and not wonder about
>>whether it's ok or not on a case by case basis.
>>
>>    
>>
>
>But what is the use of signing the message?  Its isn't like using
>passwords, its like putting your thump print on every piece of
>snail-mail you send to all your friends, family and coworkers so they
>know it is you.  Here is another issue.  I don't have his public key, so
>I can't verify it is him anyway.  The only way I can get his public key
>right now is via email or a server, but how do I know that the key is
>valid?  So signing to anyone you haven't given your key to in a secure
>manner is useless anyway.  
>
>I just find it to be a false sense of security.  Like having SSL turned
>on with your web server.  Just because things are encrypted over the
>wire does not me the site itself is secure.  It should be used when
>necessary and with the appropriate safeguards in place and not to be
>used to give "warm fuzzies".
>
>  
>
>>Sounds to me like you're a evolution-loving-whiner :-)
>>    
>>
>
>No, I bitch when I don't use evolution as well.  I just use this because
>it is easier at work.
>
>  
>
>>Oh well.  It's called evolution for a reason.
>>    
>>
>
>evolution take time, that's the problem.  The Ximian guys said the
>problem is S/MIME and it is "not supported at this time".  I told them
>their product was "not usable at this time", we'll see what they ahve to
>say.
>
>
>Sorry, off topic.
>
>  
>

More information about the Discuss mailing list