-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hubert Chan <[EMAIL PROTECTED]> writes:
[snip] > BTW, I don't know why people sign their mail to mailing lists (other than > things like debian-security-announce). I do it because I think that all > e-mail, and for that matter, all internet traffic, should be encrypted. > Of course this doesn't work on a mailing list (although there is an > attempt to make a mailing list where it works), and signing seems to be > the next best thing. It's also a big proclamation that "I am a PGP/GnuPG > user," along with my sig that says, "Please encrypt *all* e-mail to me." > ;-) It gives you one facet of someone's identity for later use - eg if I wanted to know if you're the same Hubert as elseplaces, I'd compare GPG-keys. Or if I wanted to know if someone else of the same name wasn't you, I'd compare GPG-keys. IOW, of itself a signed message proves nothing. OTOH when you put it with other things, it starts to add crypto-strong value. ~Tim - -- The blade cuts clean through |[EMAIL PROTECTED] the island soil, |http://spodzone.org.uk/ The years roll back and | the world grows small | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard <http://www.gnupg.org/> iEYEARECAAYFAjtLS40ACgkQh3MeQyZWueTefgCfYjUNwSu9GNXHtWwooPPnHWgS RsQAoIa6w4QHUaO9vlzQPdmEibY0biTe =DW8P -----END PGP SIGNATURE-----