> There have been episodes of spoofing on this list. If client > side encryption "just worked", and if what is considerably more > difficult, checking the signatures "just worked", there would > be no bother, hence it would be rational to sign
Not "just work" but "opt out" is what you are looking for. If there are n posters to the list and m people signing, then their are only n-m spoof targets. As m approaches n, the number of forgeries rapidly approaches zero as there is no one left worth spoofing who can be spoofed. But as each individuals chance of being spoofed approaches zero, the benefit gained by signing also approaches zero. Consequently unless there are additional costs to non-signing above and beyond spoof protection there will always be a substantial number of unsigned messages. -- Julian Assange |If you want to build a ship, don't drum up people |together to collect wood or assign them tasks and [EMAIL PROTECTED] |work, but rather teach them to long for the endless [EMAIL PROTECTED] |immensity of the sea. -- Antoine de Saint Exupery