--
James A. Donald:
> > I intended to sign this using Network Associates command
> > line pgp, [6.5.8]only to discover that pgp -sa file
> > produced unintellible gibberish, that could only be made
> > sense of by pgp, so that no one would be able to read it
> > without first checking my signature.
David Howe
> you made a minor config error - you need to make sure
> clearsign is enabled.
James A. Donald:
> > I suggest that network associates should have hired me as
> > UI design manager, or failing, that, hired the dog from
> > down the street as UI design manager.
David Howe
> It's command line. Most cyphergeeks like command line tools
> powerful and cryptic :)
We also like the most common uses to be *on* the command line.
If the option is not on the command line, it is *not* powerful
and it is a little too cryptic.
The pgp.cfg file is empty by default on my machine, the cfg
file options are nowhere documented, clearsigning is nowhere
documented, and "Clearsign=on" did not work.
In the last generally useful version of pgp (pgp 2.6.2) pgp -sa
gave clear signing, but it was unusable, because trivial
differences, such as the unix/windows difference on carriage
returns would cause the signature check to fail. Because there
were so many false negatives, no one would check clearsigned
signatures.
I conjecture that in pgp 6.5.8 they have addressed this problem
by making clear signatures as inaccessible as possible, rather
than by fixing it.
I could get clearsigning by telling my pgp 6.5.8 to be
compatible with 2.6.2, but I have already discovered that 2.6.2
clear signing was hopelessly broken.
Had clear signing worked, then everyone with a valuable domain
name would have used the pgp interface to control their domain
names, to ensure that one's domain name could not be hijacked,
as so many domain names have been.
This would have created a massive base of pgp users. However,
due to architectural defects in pgp, design bugs rather than
coding bugs, this use of pgp was broken, and so was seldom
used, and eventually ceased to work entirely. Presumably there
was no maintenance on the pgp inteface to domain name control,
because no one was using it.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
MUiyRJ8PRbLCXnVMWCpeKvsn5GdOlAB9t6O7K0Hb
4GBcVbBHZFN0vg8apVt35e9Y2khaPdgrM+Y6uOys6
