Mutt/GnuPG doc initial release
Anthony E. Greene
agreene@pobox.com
Tue Sep 25 15:00:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 24 Sep 2001, Horacio wrote:
>On Mon, Sep 24, 2001 at 07:49:54PM +0200, Janusz A. Urbanowicz wrote:
>> Case 2 (real life example): a friend of mine is an active
>> usenetter, she also posts a lot to mailing lists. One day a
>> sexually suggestive (at the verge of explicit) forged
>> messaged attributed to her started to appear. PGP signing
>> was the simplest way to make a good distinction of which
>> messages come from her and which are forgeries.
>
>No, since most people will not have a system to check the sig
>(and most of those who have a pk system won=B4t have her key),
>this is useless at large. But, MOST IMPORTANT, she could
>post nice messages to the ng pgp-signed, and yet SHE could
>at the same time post nasty ones without a signature. What=B4s
>in her public key that I can use to verify that a non-signed
>message is not from her? This is nonsense.
Signing *all* messages establishes a consistent pattern. If the one
message that is not signed also contains content that is not consistent
with the purported author's normal pattern, the argument that it's a
forgery becomes much more credible.
Tony
- --=20
Anthony E. Greene <agreene@pobox.com> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU Generation. <http://www.linux.org/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <agreene@pobox.com> 0x6C94329D
iD8DBQE7sH9epCpg3WyUI50RAqo6AKDUvXWpVDsw0Lw1i+O/I6aunasoAgCdH9Bk
zb79fchxSgC1jJu4uppqThY=3D
=3D23u7
-----END PGP SIGNATURE-----