Authentication at toad.com: WTF?
bill.stewart@pleasantonca.ncr.com +1-510-484-6204
wcs at anchor.ho.att.com
Thu Dec 1 23:39:35 PST 1994
-----BEGIN PGP SIGNED MATERIAL-----
> On Wed, 30 Nov 1994, The new cypherpunks signature checking agent wrote:
> > The below message was found to have a valid signature from "JEFF LICQUIA (CEI)
> > " JLICQUIA at mhc.uiuc.edu.
Apparently it was a spoof, but whatever. I'd be really bugged by
the security implications of software claiming to have validated
signatures; software that complains about bogus sigs is fine,
since if it's spoofed it's only a warning, and if the warnings
are deleted your trust is still somewhat limited unless you've verified
the signatures yourself. Trusting someone else's verification
is less than ideal security policy :-)
Bill
-----BEGIN PGP SIGNATURE-----
Pgp-version: 32767
uhohovhoehvohfvoihvhoviheoivhefoivhefohvefohv
jhjhohhuhvuhiuhewiuvhiuhfveiuhefviuhevhevhvhh
-----END PGP SIGNATURE-----
Cypherpunks signature checking agent: It's valid - trust me!
More information about the cypherpunks-legacy
mailing list