Novice seeks guidance

L. Sassaman rabbi@quickie.net
Thu, 30 Mar 2000 13:36:33 -0800 (PST) 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 30 Mar 2000, Raman Boucher wrote:


> 1)	I am at a company where everyone uses Outlook (makes me

> 	gag to say it), and I'm trying to woo them into using

> 	digital signatures. Mostly, they just complain about the

> 	'junk' attached to my email. Can you direct me to Windows

> 	resources?


There's a long discussion on this on the PGP-Users list. Convincing people
that there is a privacy threat and tampering threat with email is
difficult. Good luck. :)
 

> 2)	All the keyservers I find, and everyone working on gpg

> 	are outside the US. I am wondering if this has to do with

> 	happenstance or the generally stupid US attitude toward

> 	cryptography?


A lot of the contributors to GnuPG are in the US. 
 

> 	Also, checking for keys seems slow for pine. Quite possibly

> 	due to the network latency of making an overseas connection.

> 	Any keyservers you know of in the US...any keyserver-servers?


Lots. certserver.pgp.com, pgpkeys.mit.edu, pgp.ai.mit.edu... and many
others.
 

> 3)	The only signed messages I get are from you guys and from

> 	CERT (and a couple of others). Gpg-newsgroup members must

> 	have public keys on the servers (I know mine propogated through

> 	several)...so why do I always get the "Good, but unverifiable

> 	signature" message?


Right, but how do you know those keys are valid? If you don't have a valid
trust path (via trusted signatures) you still don't have proof of whose
key that is.


> Thanks a lot. I hope your weather is as nice as it is here in

> sunny California!!


If you are in San Jose, we could meet for a key signing.

__

L. Sassaman

System Administrator                |  "All of the chaos
Technology Consultant               |   Makes perfect sense..."
icq.. 10735603                      |
pgp.. finger://ns.quickie.net/rabbi |              --Joe Diffie



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1d (GNU/Linux)
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE448jsPYrxsgmsCmoRAhzcAJ9TmS3KVWBOIadapLdpBJ6wOQBzKgCgqO3T
DeucDsBWmK7t/6ZKrzgBcmA=
=8mne
-----END PGP SIGNATURE-----