From: "Timothy C. May" <tcmay@netcom.com> Date: Tue, 29 Nov 1994 22:23:09 -0800 (PST) 1. Only one person has reported to me that they were unable to verify my PGP sig (Lance Cottrell reported this...if others did, maybe their messages haven't gotten through to me)). From this I conclude that few people check PGP sigs. A safer conclusion would be that few people report signature failures, although I suspect that your conclusion is also correct. I noticed that your message's signature failed, but chose not to report it. As I recall, it failed because I didn't have the appropriate key, although I do have your 0x54E7483F key and the key that it appeared to be signed with wasn't available from the MIT key server. I also noticed Bill Stewart's signature failure on Message-Id: <9411300425.AA21554@anchor.ho.att.com> -- ASCII armor stripping failed. In both cases, I assumed that the sender was trying to spoof the act of signing and I further assumed that you were more careful to match the form of a signed message than Bill was. The fact that you've been doing some spoofing lately only strengthened by sense that this was another gag. Often, but not always, when I see a Bad Signature message I let the sender know about it. Rick