From: mdavis@pro-sol.cts.com (Morgan Davis)
This is my first post here, so go easy if I'm way off base. Why would you want to include a PGP signature (in addition to your net .signature) for a message that is NOT encoded? I've included the pageful of useless text from your message as an example of how wasteful this seems to me. I'm all for personal privacy and message security, but this smacks of either paranoia, showing off, or laziness. Genuinely curious.
/\/\ Morgan Davis Group (619/670-0563) / /__\ Internet: mdavis@pro-sol.cts.com
Simply to confirm that the file is from who it's supposed to be from. If I send a file to you with my signature on it (assuming no major security breaches), you can be absolutely certain that the file came from me. This is of tremendous importance if we're dealing with electronic contracts or the like, but there are plenty of other situations where you need to be sure. The file itself may or may not be confidential, so it may or may not need to be encrypted. The signature is valid either way. Yep, it's true that most routine e-mail and Usenet postings don't NEED to be signed, but it's good practice and good propaganda: it helps to promote the widespread use of crypto, helps spread the word, and gets people in the habit of doing it. Believe me, it's not laziness, since as of today it's not too convenient to send and receive encrypted email without going through gyrations. Several cypherpunks have come up with good workarounds for this on various platforms, but we still have a ways to go. --Dave.