-----BEGIN PGP SIGNED MESSAGE----- I think it's a bad idea to require signatures on the list, or even to penalize people who don't use them. People aren't signing their posts because it's too much of a hassle to do it from a dial up, netcom style, account, not because they're insufficiently committed to the cause. It seems to me that such a rule would stifle discussion and encourage people to store their keys on insecure accounts. The real solution is to try to build tools which will make it so easy to use crypto that there's simply no reason not to do it. And towards that end: I think Eric's point about separating key distribution from encryption finally sunk in. It's encouraging for me, because I think we're very close to being able to implement good transparent systems, at least if we put key distribution on the back shelf. I haven't totally thought it through, but it seems to me that it's almost a matter of assembling a few existing tools into a coherent system. I've just installed Raph Levien's premail as /usr/lib/sendmail on my system, and I'm happy to report that it's running well, despite the fact that my machine is a very puny linux box. This means that I can keep a list of addresses that ought to be encrypted in my ~/.premailrc file, and outgoing email to those destinations will be automatically encrypted and signed, no matter what mail software I happen to be using. This leaves the problem of passphrases for outgoing signatures and automatically decrypting incoming mail, but I think that cfs will let me kludge something together which will get around this. (My situation is a little unusual, because I'm running linux on a pc which is connected to the net via a static slip account. I don't think this would work well in other situations.) If, after I power on my machine, I mount an encrypted directory with cfs, and then connect my slip, I think I can get away with keeping my key unprotected with a passphrase as long as the keyring is stored in the encrypted directory. What's more, if my mail spool is stored in the encrypted directory as well, a filter which automatically decrypts incoming mail and deposits the plaintext in the spool would be feasible. A good filter would probably stick something in the text to let you know that it had come with a good signature. It would be sort of ugly, but I think it would work. I'm sort of new to cfs, though, and I'm sure how it would deal with multiple users (root, my main account, my cp account which recieves cypherpunk list traffic, etc.). But If it worked, I'd have a machine which: o talked to the rest of the email universe without difficulty, and which uses standard unix software o would automatically use crypto when sending mail to a list of email addresses, and which could automatically handle incoming crypto o would be reasonably secure when it was powered off == Alex Strasheim | finger astrashe@nyx.cs.du.edu alex@omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLtrgPREpP7+baaPtAQHTlQP/RYcJi9u5iU0AY4SV1MqNGxAuQDfYwL2G LcJC5sxYreFGkpwwpA87fRcLi7PreAtS6vFg5tsMXiUXaNS15v1mCDfxr54AwO7C P3yyHWUTGg1I8CRbDUYlZqksrF3Bqzxy0pDRQGzPEFwP7k8ER72XXeVtIVc8K/zM CBW+smDOY/w= =43eM -----END PGP SIGNATURE-----