On 08/04/12 12:26, Chris Bannister wrote: > On Sat, Apr 07, 2012 at 03:49:09PM -0500, Indulekha wrote:
<snipped> > >> If you and I work together on a secret project for a defense contractor, >> or in banking or something it makes senseto sign business-related emails >> to one another. Yes. Conditionally. My personal opinion is that *all* business communications should be fully encrypted, as should much personal messages. If you wouldn't put the information on a postcard and snail mail it - then it should be encrypted. It's always risky trying to determine what should be kept secret. (IMO) The best option it to encrypt everything unless you have a compelling reason not to. There are no shortage of fools and untrustworthy types who claim the very act of securing information is suspicious - they're wrong. Everyone has something they should hide and/or secure (that's why we have curtains, clothes, and locks). Many Defence related contracts require *all* correspondence to be encrypted and signed. > For casual communication it's just madness. No. But that's not to say that some people won't endorse your reasoning. Some people will complain about receiving plain text mail also. I always setup Enigmail in builds with the default Icedove set to sign by unencrypted emails using PGP/Mime and *not* trusting keys, by default, and, requires a passphrase (user's know how to turn off signing on a per email basis). I also sign there keys. So if I get signed mail from them I *know* the message is unaltered, that it *was* sent by the person who controls that email account, and that they *are* who they say they are. That's three important elements of trust. Cases in point:- I've had several instances where I've received unsigned mail from the mail accounts of people who would normally send signed email from boxes built using my SOE. As the emails urged me to follow a link to a dodgy sounding business scheme my first instinct was to bin the messages - then I noticed the missing PGP signatures... In both instances the sender had used an untrusted box to access their email on-line (instead of their Debian box using Icedove) and the untrusted box stole their password. I've received a number of digitally signed scams purporting to be from people or businesses I should trust. *This type of scam will increase* because many people don't understand the importance of being able to verify the signer's identity. This is why key-signing and a chain of trust is important. I note that chains of trust have flaws also - we make it a policy never to trust a key unless we're in the chain of trust, or we contact the sender by an independent means and verify the fingerprint. > > I suppose you mean encrypting, you can still read signed mail. The point > to note is that *if suddenly* two people start encrypting their mail, > that alone will set off alarm bells Yes - though it presupposes "someone" is monitoring that email. Which would make a compelling reason *to* encrypt email. > and basic detective/"social > engineering" work would reveal more than you would like. About the contents of the encrypted mail? Please elaborate and/or file a bug report. That's not to say you should always sign mail. It's delusional to sign mail if your identity can't be verified. And it's pointless signing mail if you wish to hide your identity. There can be valid reason for using a pseudonym - but not always eg. I'd have to seriously question why I'd trust anyone not living in China (or somewhere similar) who uses a pseudonym when posting to this list. > If you encrypt > your mail all the time (not sure who does) Lot's of people. It's a requirement in many areas of business. > then the chances of anyone > wasting resources to "see what's up" is considerably lower. > I'm not sure that's a logical conclusion, but I'm not Bruce Schneier or Moxie Marlinspike (yes I know Moxie is a pseudonym). I'm also not sure who you think is going to "see what's up" - or why we shouldn't deliberately waste their resources. This has been a long and interesting thread (which has gone long enough). My point is that PGP signing and encryption is good. (IMO) In many instances it's sound logic to apply it to email, and posts to a list - but digital signatures are only useful if the recipients can, or will, verify the signature *and* the identity of the signer can also be verified. eg. Knowing the email Easter Bunny sent you is unaltered because it validates proves what? It certainly won't protect Easter Bunny from pretenders, or us from Easter Bunny's sock puppet army, or even not signing occasionally (and faking an account hijacking) - it just substitutes trust (certainty) with faith (wishful thinking). A poor trade. Kind regards -- Iceweasel/Firefox/Chrome/Chromium/Iceape/IE extensions for finding answers to questions about Debian:- https://addons.mozilla.org/en-US/firefox/collections/Scott_Ferguson/debian/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f810c1a.1060...@gmail.com