PGP/MIME use

[Christopher J. Walters]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2/1/2012 04:38 PM, Robert J. Hansen wrote:
> I have referred to this paper probably five times or more on this list
> and other lists.  I really wish people would read it.  I'm getting tired
> of answering this -- it's my least-favorite OpenPGP-related question.
> 
> Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly.  Secrecy, 
> Flagging and Paranoia: Adoption Criteria in Encrypted Email. Proceedings 
> of CHI 2006 Conference on Human Factors in Computing Systems, 2006.
> 
> www.cs.princeton.edu/~sgaw/publications/01Feb-Activists-sgaw-CHI2006.pdf


I have read the abstract, and admit that I only skimmed the rest of that
paper.  I find that it is only really talking about the use of public key
encryption of messages, and the human factors that lead to the decision of
whether or not to encrypt messages.

That is a separate topic from actually signing your message with your secret
key - and is not terribly germane to public mailing lists.  Since the list
owner would have to deem it worth the trouble to generate a key pair for the
list AND collect the public keys of each subscriber, and use software that
will be able to decrypt messages sent to the list, and re-encrypt them to
each subscriber.  This would not significantly improve security in such a
forum, and would increase the load on the system that processes mail for the
list.

To clarify, by "public mailing list", I mean that anyone can join it and post
to it.  A private mailing list would mean, in this context, would be an
"invite-only" list, where one would have to be known to the list owner and
specifically invited to join.

Signing, OTOH is a personal choice of each subscriber.  Those who choose to
do so can do so, and those who do no choose to do so, do not.

Regards,
Christopher J. Walters
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJPKbaFAAoJEJ6vdel2qM1cbsIP/1fRt03em5hHN3uQz5c+tilV
cfBTItlXIVE5W6I9Xl08mhIy5KGhCG9vn0Zjx5PJn30VYneakAxNxHzQ+uqDlDa0
9A/PvzUSOoz8AO0IDEblASsU6z6iS/1xEuP1C3GXeqZcb9Rg2//UPEHwAMxvE1sG
rmIMX2MUrTb2Tuy8EL20ym/VioUaqP3H/le1shNBmakS9sjgtsDooQzJX3erl64b
pKD30BaBmP93WiI/r7Sxnry0jp7n8yMSpYRCzKMUWde7MNVZ+MgwBo5EVisWBBkq
vh/X+uKbp/6uVSk1LXh/dpj8Sbl0Co8u+0jKudeBcGscu8Y/inuP22evKmS90XuE
qGx/Mgwy+Vp05M8OwuYk8+2V/41KLNoO/IWrtWQfwDEOJSjcA2mcamYdF8jwAeOY
IIW5Dapk2f5g4EciPZ1eO/SJ4227aV3PEbuceLAAy2BHSHuXIt9uTEq3SOHzxLKT
vauuP/kLgra9ZZJkESoSoAY5KBHaJt3C6+jSp7KYL6UNUipto8/mH0MF/KXecUyb
ZYOYSRDBlvE2/WicxZBCN0Nlwq1SQ38/zCUFyXiKnyhjiUNpBuHdOdZfrp9KWDrC
Y08GgwY4WWpmwBQbP3zPM1X7iVoP2gfmcm3+1gxfm/aVkhhm22JZNdvBGId69AIe
xDfh2dzEYWl+/S7oILXB
=E1X7
-----END PGP SIGNATURE-----


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120201-0, 02/01/2012
Tested on: 2/1/2012 5:02:50 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com