On Thu, Apr 13, 2000 at 08:51:06AM +0100, Chris Green wrote:
> On Wed, Apr 12, 2000 at 02:05:11PM -0600, Scott D. Yelich wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> >
> > (1) I complained about a guy's 17 line signature that could
> > be compressed down to 4 lines... he complained about my 9
> > line PGP signature. clue.
> >
> Well I have to admit I have some sympathy with him there, I'd much
> prefer that people *didn't* post PGP signed messages where it isn't
> necessary. It's just extra noise that has to be filtered out by some
> means or other. Why should I have to set up my MUA to handle
> something that isn't necessary for me - it's similar to HTML in many
> ways.
I disagree. PGP signed messages provide a defense against forgeries.
Reputation is your currency on the net and PGP signing helps you defend
against it.
Differences of PGP signing as compared to HTML Mails
1. No work is necessary to read the base message with any MUA.
2. PGP does not aid spammers in tracking their mail databases.
3. PGP in mail messages is defined in a variety of RFCs.
4. Filtering out of PGP signatures is relatively easy, procmail scripts are
available.
5. There is measureable benefits for both sender and recipient assuming both
are interested in the contents of the message.
6. No security holes are created by using PGP signing in sending of messages
7. No security holes are exposed by reading PGP signed messages.
/Duncan
--
Duncan Watson
nCube
