professionalism, was Re: PGP messages getting flagged as spam

Robert J. Hansen rjh at
Thu Oct 18 10:11:11 CEST 2007

reynt0 wrote:
> Are there refined answers available to the question


When giving a software evaluation, you always specify sources and
methods.  Each and every assertion needs a source and a method: who is
your source, and how does your source know this?

With proprietary software, you're mostly stuck relying on your vendor
for information.  Compare "Microsoft says that IIS will scale up to our
server load with our current server configuration" to "the Apache
Foundation isn't making any promises, but I've had Apache running for
the last month on a test server and it's performing flawlessly."

The first statement's source is Microsoft.  Their method is presumably
their own internal testing.

The second statement's source is you-the-engineer.  Your method is your
own internal testing.

Neither evaluation is necessarily better or worse than the other.
Management might trust Microsoft more than you, or you more than
Microsoft.  You're not responsible for making sure Management makes the
right choices--you're only responsible for giving Management accurate
information with which to make their choices.

More information about the Gnupg-users mailing list