On Tue, 27 May 2008 11:27:10 +0200 Wolf Canis <[EMAIL PROTECTED]> wrote:
> Agreed, because of the way the subscription process works. The way how > someone subscribed to a list is _only_ with a e-mail address. This > would change if the subscription process would demand a signature. Absolutely. I just wonder how many people will choose not to use such kind of list in order not to sacrifice their anonymity. > No fully agreed, because if someone is signing his messages, all other > subscribers have the possibility to see whether it's the same person > or not. Not in the sense of real live identity but at least same Nick > or Name. In my case for example "Wolf Canis". Would know a message > reach the ML with my Name but no signature or a different signature, > could one relatively be sure about the fact that this particular > message is not from the original "Wolf Canis". It also might be the same person signing with different keys or sometimes signing somtimes - not. What's the difference for the other guys on the list - in both cases they will get some junk before the offending account is stopped. What's the difference for the sender - guilty or not, his address gets blacklisted. > Why not? Every public key is downloadable, except one created a key > and forgot to upload the public key, in this case is his/her signature > pointless. Forgot, choosed not to, didn't renew... I believe it's the majority, but I may be wrong. > > Bottom line: I see no reason for signing messages to MLs like this > > one. > > Disagree, because of the possibility that without signatures it's > relatively easy to bring a subscriber into discredit. Relatively easy? Well, hereby I give you my blessing and dare you to send a "proof of concept" message to this list imposing as me. Additional condition: you must have no other access to Gmail than what is granted to everyone outside the company. If you succeed I promise to sign every single email I send from that point on. :) -- Best regards, Daniel -- gentoo-user@lists.gentoo.org mailing list