why bother signing? (was Re: What email encryption is actually in use?)