This is yet another a good example of why one should never confuse using PK certificates with security. An email PGP signature looks impressive but in practice it is useless.
It is usefull iff you can verify the validity of the used PK certificate. That's what the web of trust in PGP is for.
Unfortunately the "if" is false. I have no idea if your fancy PK signature really represents you. Just look at the recent trouble Black Unicorn has had with someone else using the same name affiliated with a key stored on the Network Associates PGP key server. Dave could not verify a PK signature for the PGP software distribution itself. PKI, or a web of trust, looks good on paper but in practice it does not work when scaled up to large numbers of networked users. - Alex -- Alex Alten Alten@Home.Com Alten@TriStrata.Com P.O. Box 11406 Pleasanton, CA 94588 USA (925) 417-0159