GPG support in Mahogany
Michael Nahrath
gnupg-users@nahrath.de
Tue Dec 10 17:18:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Xavier Nodet <xavier.nodet@free.fr> schrieb am 2002-12-10 16:25 Uhr:
> Something more specific to mails. When a message is signed, we should
> verify that the 'From:' header actually matches one of the IDs of the
> signing key.
IMHO this is nonsense. I use much more mail addresses as a sender than I
would like to bloat my key with (check this mail for an example).
With configuring my mailserver to redirect *@nahrath.de to my account it is
no problem to have all these adresses valid.
You may give a one-time warning to your users, that a discrepance betwheen
signing-key UID and From:-header might be seen as unpolite by some people
(although not by me).
Just think of all the people who write from a role-account! They can't all
include <support@company.TLD> into their personal key.
Greeting, Michi=20
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.1 (Darwin)
iEYEARECAAYFAj32E9gACgkQ19dRf5pMcExjFwCgn356o17uVHNCTaQcwF74uF4q
6n8An31arsw6ezqOMPq8pidtHvDy3G+H
=3DK1sC
-----END PGP SIGNATURE-----GNATURE-----=A4=055{CzA=A4=13=03=01avl cprmlo