why bother signing? (was Re: What email encryption is actually in use?)
At 04:45 PM 10/3/02 -0700, James A. Donald wrote:
-- James A. Donald wrote:
If we had client side encryption that "just works" we would be seeing a few more signed messages on this list,
Ben Laurie wrote:
Why would I want to sign a message to this list?
Then all the people who read this list, were they to receive a communication from you, they would know it was the same Ben Laurie who posts to this list.
But Ben is not spoofed here! So there is little motivation. In an environment where spoofing was common, folks would sign (which is not incompatible with retaining anonymity, of course). You could also sign anonymous statements here which you might decide to bind to one of your identities later. In the absence of any need, its not rational to bother.
at Friday, October 04, 2002 9:07 PM, Major Variola (ret) <mv@cdc.gov> was seen to say:
In an environment where spoofing was common, folks would sign (which is not incompatible with retaining anonymity, of course). It *is* possible to sign in the name of a nym; there is no reason why a nym can't build an independent reputation without having a known "handler"
participants (2)
-
David Howe -
Major Variola (ret)