Adam wrote:
> Tim wrote:
> > No, I don't sign my messages. But I am also not sending out patches
> > and executables.
> 
> Signing discussion messages sent from one's TrueName to public forums
> seems like a bad idea in today's climate.  Damages one's plausible
> deniability.

Actually, signing stuff when you are using nyms adds risk also in
terms of reducing scope for plausible deniability.  Especially where
the nyms are low security, as in Toto's case.

PGP keyrings don't attempt to hide the identity names on the private
key ring, which doesn't help.  They should use a mini Ross Anderson
steganographic file system for the key ring; that way you never know
how many identities are hidden inside.

The simplest lowest risk policy is to sign no discussion messages.  Of
course you want to not save sent messages, as pragmatically courts
seem to consider that equal or perhaps greater proof of authorship than
PGP signatures for which one has the key on the disk.  (Again viz
Toto, lots of people had his keys, but he had his own sent messages
folder.)

For personal email, you probably still mostly don't want to
transferably prove that you authored a document unless you intend to
enable the recipient to prove that you said that to third parties in
event of dispute.  Therefore you should use non-transferable
signatures, which convince the receiver that you said it, but don't
mean anything when he tries to show them to third parties.

Adam
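An added illustration of the non-transferable property Adam describes in his last paragraph; this is example code, not anything posted in the thread. A MAC under a key that sender and receiver both hold convinces the receiver, but because the receiver could have produced an identical tag, the tag proves nothing to a third party. The key agreement uses constructed toy Diffie-Hellman parameters, far too small for real use.

```python
import hashlib
import hmac
import secrets


def toy_dh_keys() -> tuple[bytes, bytes]:
    """Toy Diffie-Hellman: sender and receiver end up with the same key with
    nothing pre-shared. Constructed toy parameters (a 127-bit Mersenne prime)
    are far too small for real use; they only illustrate the shape."""
    p = 2**127 - 1
    g = 3
    a = secrets.randbelow(p - 2) + 1           # sender's secret exponent
    b = secrets.randbelow(p - 2) + 1           # receiver's secret exponent
    pub_a, pub_b = pow(g, a, p), pow(g, b, p)  # exchanged in the clear

    def derive(shared: int) -> bytes:
        return hashlib.sha256(shared.to_bytes(16, "big")).digest()

    return derive(pow(pub_b, a, p)), derive(pow(pub_a, b, p))


def make_tag(key: bytes, message: bytes) -> bytes:
    """Non-transferable 'signature': an HMAC under the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the tag; a match convinces a key holder only."""
    return hmac.compare_digest(make_tag(key, message), tag)


def receiver_forges(key: bytes, any_message: bytes) -> bytes:
    """The receiver holds the same key, so it can tag any message it likes."""
    return make_tag(key, any_message)


def receiver_can_reproduce(key: bytes, message: bytes, tag: bytes) -> bool:
    """What the receiver could fabricate is byte-identical to the genuine tag,
    so showing (message, tag) to a third party proves nothing about authorship."""
    return hmac.compare_digest(receiver_forges(key, message), tag)


def demo() -> dict:
    k_sender, k_receiver = toy_dh_keys()
    msg = b"Yes, I wrote that."              # constructed sample message
    tag = make_tag(k_sender, msg)
    forged_msg = b"I never wrote that."      # receiver's own fabrication
    return {
        "keys_agree": k_sender == k_receiver,
        "receiver_convinced": verify_tag(k_receiver, msg, tag),
        "forgery_also_verifies": verify_tag(
            k_receiver, forged_msg, receiver_forges(k_receiver, forged_msg)),
        "indistinguishable_to_third_party": receiver_can_reproduce(k_receiver, msg, tag),
    }
```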
