-----BEGIN PGP SIGNED MESSAGE-----
Hello fellow C'punks! As my last message said (for those who read it), I'm just getting into anon remailers. I just picked up the docs and PGP key for the remailer@soda. I would appreciate it if people would send me fingerprints of the key. This is so that I know it hasn't been tampered with, or at least can be reasonably sure. Thanx, in advance!
I hope we're all clever enough to realize that this is not very good key verification. If a spoofer has managed to spoof the key to soda that you got, then he will spoof the fingerprints that everyone sends you. Finding a way to do this that can't be spoofed is nontrivial. However, you can take some reasurance, IMO, in the idea that if someone was spoofing any given widely held key, such as that to a remailer, someone would, eventually, smell something fishy. i.e. one day you go to mail a message to a soda from a different account only to have it fail because your other account provider was spoofing you. - -- Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba E7 E3 90 7E 16 2E F3 45 * 28 24 2E C6 03 02 37 5C Stuart Smith <stu@nemesis.wimsey.com> -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLkAANqi5iP4JtEWBAQEKmgQAlFGaYWRv9PzupM20SWghzP/oJg/j9B8u +bXXMLHFEAk3tXhv3iYHr33f1Gs3D1IhCdz1tFbmyqwVjxUBxjU5s5EF1DEaPWA6 EMt6IFRwYS3WR2qhDsxn5QDeEMzETrO1xzGyNYbCERxlGAqgr6K5EGtzshoAxOmq 6VkURwSe3rY= =R3sY -----END PGP SIGNATURE-----