Dnia środa, 25 czerwca 2014 11:20:50 stef pisze:
i noticed lots of users pgp-sign their mails to mailing-lists. what exactly is the reason/usecase/attackvector you defend against for that? what exactly is the reason for doing so on public mailing lists? and why does it make sense to sign irrelevant messages like "+1" or "just kidding" - assuming no stego usecase is in play.
I sign my e-mails for the same reasons I undersign them. E-mail is dead-easy to forge, so when I have something to say, I sign it in a way to ensure that it's as unforgeable as possible. I sign *all* my e-mail (and try to encrypt as much as possible, but that's another thing), even trivial, so that if anybody gets e-mail from me that is *not* signed, they will be more likely to suspect foul play. -- Pozdr rysiek