-----BEGIN PGP SIGNED MESSAGE----- To: cypherpunks@toad.com Date: Sat Jun 22 18:22:50 1996 On Fri, 21 Jun 1996 10:15:13 "Travis J.I. Corcoran" wrote:

I use a lisp package for emacs that I wrote to automatically verify signatures on incoming mail, so I already see the 10% of messages which are improperly signed displayed in a red "bad signature" font. Thus, I'd have no need of this service.

Further, it makes philisophical/political sense to me to have verification distributed. Every node should be doing it's own security.

I am not convinced. For a mailing list it makes sense for all members to be aware of message integrity problems. Not all cypherpunks have your lisp package or Pronto Secure which make signature verification of the 10-20 pgp signed messages per day on the list a non trivial task. I also like the idea that cpunks provides as a byproduct a platform for developers to test and debug their security products. We really should be getting the bugs out of plain text signatures. You cannot expect Joe User to differentiate between an intruder and a gateway massaging the message. Geoff Klein Pronto Secure Product Manager -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBMcwPzkLv5OMYFK1FAQH8tgP/Y/Qai5TQj45CGk7U9OdF5BrdycyQpKuE UfAnlFut/LmgumyiM2wuy6+CPv8mPITAp375rNVx9UxvyRj8Gv8MFfEEuwVFZpNb WbiWvl2yPBCV/ZBlEdmXJUPhfYto3FFjZX6AwKTMXgHd1j7uW3pBGSW24McEjM2I aBQ1iDbLUY0= =Igm9 -----END PGP SIGNATURE-----