Mutt/GnuPG doc initial release

JanuszA.Urbanowicz JanuszA.Urbanowicz
Mon Sep 24 19:57:02 2001 

Alexander Skwar wrote/napisa=B3[a]/schrieb:
[Charset iso-8859-1 unsupported, filtering to ASCII...]

> So sprach _Janusz A. Urbanowicz_ am 2001-09-24 um 13:44:47 +0200 :

> > Len Sassaman wrote/napisa?[a]/schrieb:

> > > Frankly, it's poor netiquette to post PGP/MIME messages to mailing li=

sts,

> > > for one,

> >=20

> > Why?

>=20

> Because normally it's not that terribly important to see from which

> person a mail orginated.  You know, I don't know you, so even if your

> mail would have been signed, it wouldn't mean more to me.  Also Werner's

> mails to this list wouldn't mean more to me if they were signed, because

> he's also just a stranger.


I don't think so.


> So, it doesn't add anything which means that it's unneeded and thus poor

> netiquette.


And I think you are wrong or haven't done proper threat analysis. Case 1:
someone impresonating Werner posts a message about a bug in GnuPG and a
patch to fix it. This patch actually plants a backdoor. In your approach,
you have no way to tell nor it makes any difference to you.
Case 2 (real life example): a friend of mine is an active usenetter, she
also posts a lot to mailing lists. One day a sexually suggestive (at the
verge of explicit) forged messaged attributed to her started to appear. PGP
signing was the simplest way to make a good distinction of which messages
come from her and which are forgeries.

In saying about 'strangers' you forgot one thing: while on everyday use of
PGP there is little need to use it to establish RL identity, it is a very
good and a convenietnt way of establishing origin. I don't care much if
Werner's name is actually Werner, but I do care if new GPG releases come
from its author.

A good example is remailer-operator list. Anon remailer operators need not
to know each other's identities (I'm one of the few who reveal their names)
but need to know if given remailer configuration changes come from the
remailer's operator (because of MITM).

Alex
--=20
C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling |         | =
  *  =09
 ; (_O : +-------------------------------------------------------------+ --=
+~|=09
 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=
=BFde z=B3o | l_|/=09
A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d=
no;     |   |  =20