Novice seeks guidance

L. Sassaman
Thu, 30 Mar 2000 13:36:33 -0800 (PST)

Hash: SHA1

On Thu, 30 Mar 2000, Raman Boucher wrote:

> 1) I am at a company where everyone uses Outlook (makes me
> gag to say it), and I'm trying to woo them into using
> digital signatures. Mostly, they just complain about the
> 'junk' attached to my email. Can you direct me to Windows
> resources?
There's a long discussion on this on the PGP-Users list. Convincing people that there is a privacy threat and tampering threat with email is difficult. Good luck. :)
> 2) All the keyservers I find, and everyone working on gpg
> are outside the US. I am wondering if this has to do with
> happenstance or the generally stupid US attitude toward
> cryptography?
A lot of the contributors to GnuPG are in the US.
> Also, checking for keys seems slow for pine. Quite possibly
> due to the network latency of making an overseas connection.
> Any keyservers you know of in the US...any keyserver-servers?
Lots.,, and many others.
> 3) The only signed messages I get are from you guys and from
> CERT (and a couple of others). Gpg-newsgroup members must
> have public keys on the servers (I know mine propogated through
> several) why do I always get the "Good, but unverifiable
> signature" message?
Right, but how do you know those keys are valid? If you don't have a valid trust path (via trusted signatures) you still don't have proof of whose key that is.
> Thanks a lot. I hope your weather is as nice as it is here in
> sunny California!!
If you are in San Jose, we could meet for a key signing. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger:// | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1d (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE448jsPYrxsgmsCmoRAhzcAJ9TmS3KVWBOIadapLdpBJ6wOQBzKgCgqO3T DeucDsBWmK7t/6ZKrzgBcmA= =8mne -----END PGP SIGNATURE-----