why bother signing? (was Re: What email encryption is actually in use?)

Julian Assange proff at suburbia.net
Sun Oct 13 01:28:13 PDT 2002


> There have been episodes of spoofing on this list.  If client
> side encryption "just worked", and if what is considerably more
> difficult, checking the signatures "just worked", there would
> be no bother, hence it would be rational to sign

Not "just work" but "opt out" is what you are looking for. If there
are n posters to the list and m people signing, then their are only
n-m spoof targets. As m approaches n, the number of forgeries
rapidly approaches zero as there is no one left worth spoofing who
can be spoofed. But as each individuals chance of being spoofed
approaches zero, the benefit gained by signing also approaches
zero. Consequently unless there are additional costs to non-signing
above and beyond spoof protection there will always be a substantial
number of unsigned messages.

--
 Julian Assange        |If you want to build a ship, don't drum up people
                       |together to collect wood or assign them tasks and
 proff at iq.org          |work, but rather teach them to long for the endless
 proff at gnu.ai.mit.edu  |immensity of the sea. -- Antoine de Saint Exupery





More information about the cypherpunks-legacy mailing list