Elgamal signatures (was Re: splitting keys)
David Picon Alvarez
Fri Feb 21 22:46:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
> I guess it depends on why you are signing. If the intent is to get
> other people to check the signatures on your messages to verify they
> did indeed come from you, then it does sort of defeat the purpose of
> signing if checking the signature is so unpleasant that nobody does
OK, I see this, it's just that it doesn't take me nearly as much to generate
or check my own sigs. Maybe I don't have enough perspective about this.
> There are many reasons not to use Elgamal signatures. Only GnuPG
> supports them, so you can't communicate with any other OpenPGP
> program. They are also incredibly slow, which means people have to
> sit for 10-20 seconds every time they need to check one of your
> messages. If they have their mail reader configured to automatically
> verify signatures, then they can be reading happily along, hit one of
> your messages, and they're locked up for a while.
OK, OK. I guess I'll make an RSA key and loose the few signatures I managed
to collect :-)
Is this better then?
-----BEGIN PGP SIGNATURE-----
Comment: This message is digitally signed and can be verified for authenticity.
-----END PGP SIGNATURE-----