Pigeon wrote:
The main weakness of the system is in the key security; you can't
fully trust a key unless you have actually met the keyholder to get it
and checked that you didn't meet an impostor. This is only really
significant for spy-novel type situations, though, and doesn't
materially weaken
On Fri, Jun 13, 2003 at 02:31:13AM -0400, Travis Crump wrote:
Pigeon wrote:
The main weakness of the system is in the key security; you can't
fully trust a key unless you have actually met the keyholder to get it
and checked that you didn't meet an impostor. This is only really
significant
Pigeon writes:
It would be possible for $CYBERSPY to crack the keyserver and replace
$CYBERPAL's key with his own, then intercept all mails from $CYBERPAL,
replace the signature and send them on.
Which will do $CYBERSPY no good at all since his key will not carry any of
the signatures that
John Hasler wrote:
Pigeon writes:
It would be possible for $CYBERSPY to crack the keyserver and replace
$CYBERPAL's key with his own, then intercept all mails from $CYBERPAL,
replace the signature and send them on.
Which will do $CYBERSPY no good at all since his key will not carry any of
the
On Wed, Jun 11, 2003 at 09:11:21PM -0400, Mike M wrote:
On Wednesday 11 June 2003 16:39, Karsten M. Self wrote:
If you want your messages authenticated, sign them.
I just started with GPG and I'm still learning. I need some clarification
on the advice above. Are you saying that by
Pigeon writes:
The main weakness of the system is in the key security; you can't fully
trust a key unless you have actually met the keyholder to get it and
checked that you didn't meet an impostor.
Look up Web of trust.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
On Wed, Jun 11, 2003 at 09:11:21PM -0400, Mike M wrote:
On Wednesday 11 June 2003 16:39, Karsten M. Self wrote:
If you want your messages authenticated, sign them.
I just started with GPG and I'm still learning. I need some
clarification on the advice above. Are you saying that by
Has anyone heard of bogus email undeliverable messages being used to
propogate virus? I just got such a message from a system I did not
recognize. I was tempted to investigate the attachments when I recalled that
real undelivered messages contain a lot of information about where it came
from
on Wed, Jun 11, 2003 at 03:44:15PM -0400, Mike M ([EMAIL PROTECTED]) wrote:
Has anyone heard of bogus email undeliverable messages being used to
propogate virus? I just got such a message from a system I did not
recognize. I was tempted to investigate the attachments when I recalled that
Yes I write an email script and look at any viri mail I can find. I've seen the
bogus undeliverable mails being used for this starting about 6-8 months ago, in my
observations.
OT: Also do not rule out a friend of yours uses winbloze and has a email worm
infection and may be sending out worm mail
On Wednesday 11 June 2003 16:39, Karsten M. Self wrote:
If you want your messages authenticated, sign them.
I just started with GPG and I'm still learning. I need some clarification
on the advice above. Are you saying that by signing all emails, then I can
positively distinguish real
11 matches
Mail list logo
