On Mon, Sep 15, 2014 at 3:51 PM, Matt Whitlock <b...@mattwhitlock.name> wrote: > On Monday, 15 September 2014, at 5:10 pm, Thomas Zander wrote: >> So for instance I start including a bitcoin public key in my email signature. >> I don't sign the emails or anything like that, just to establish that >> everyone >> has my public key many times in their email archives. >> Then when I need to proof its me, I can provide a signature on the content >> that the requester wants me to sign. > > That would not work. You would need to sign your messages. If you were merely > attaching your public key to them, then the email server could have been > systematically replacing your public key with some other public key, and > then, when you would later try to provide a signature, your signature would > not verify under the public key that everyone else had been seeing attached > to your messages.
If the server could replace the public key, it could replace the signature in all the same places. Please, can this stuff move to another list? It's offtopic. ------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
