On 26/06/2014 06:55, Scott Blaydes wrote:
On Jun 25, 2014, at 5:52 AM, rysiek <rysiek@hackerspace.pl> wrote:
i noticed lots of users pgp-sign their mails to mailing-lists. what exactly is the reason/usecase/attackvector you defend against for that? what exactly is the reason for doing so on public mailing lists? and why does it make sense to sign irrelevant messages like "+1" or "just kidding" - assuming no stego usecase is in play. One more reason: spreading the word about GPG/PGP. This actually helps get
Dnia środa, 25 czerwca 2014 11:20:50 stef pisze: people interested in encryption, and helps also inform people that do have a GPG/PGP key (but for different reasons do not use them on a general basis), that here's a person that does use it, and it's possible to encrypt e-mails to that person.
Which might not be all that important on cpunks, I give you that, but a rule is a rule. ;) I do it to let the people I am communicating with through plaintext email know that I am setup and configured to handle encrypted communications. All they need to do is pull my pub key off of a key server and then our communications are encrypted from that point forward.
The prevention of being impersonated is also one reason, along with a way to secretly signal to the recipient that I am under duress and my words may not be my own.
Course that all goes out the window when emailing from my cellphone. That ain’t no way I want my private key on my cellphone. Maybe you could create a signing subkey specifically for your cell phone.
Thank you, Scott Blaydes
========================\ /---------------------------------------------------------- scott@sbce.org \ / *BSD/Linux Advocate crypto user GPG 096EECF0D8A2381E \/ Society for Better Computing Ethics gpg key on keyserver / \ http://sbce.org/ -------------------------------------------/ \==================================
cryptomars cryptoparty.fr