Mailinglist Archive: opensuse-security (457 mails)
| < Previous | Next > |
Re: AW: [suse-security] ID wwywxugwisi... thanks
- From: Ray Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 18 Feb 2004 11:03:15 +0200
- Message-id: <1077094995.2759.87.camel@xxxxxxxxxxxxxxxxx>
On Wed, 2004-02-18 at 09:53, dag Danczul Georg wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I agree too. Where, when not in security lists could this done for testing?
>
Yeah, me too ... but ...
> georg
>
>
> - -----Ursprüngliche Nachricht-----
> Von: john@xxxxxxxxxxxx [mailto:john@xxxxxxxxxxxx]
> Gesendet: Dienstag, 17. Februar 2004 18:50
> An: suse-security@xxxxxxxxxxxxxx
> Betreff: RE: [suse-security] ID wwywxugwisi... thanks
>
>
>
>
> I agree that it's a dumb idea, but these virii don't know and don't care
> what the purpose of this list is. Someday some nitwit will stumble onto a
> piece of code that exploits an as-yet undiscovered flaw in one or more
> linux email clients, and we'll have a small disaster. It's just plain
> naive to think this will never happen. Perhaps later than sooner, but
> there is a lot more likelyhood that it will than it won't.
>
> Since it does no good to complain without offering a solution, here's an
> idea:
>
> Why not require all messages posted to this list to be signed with the
> users's gpg key? Building functionality into the list daemon to verify
> signatures would be easy task and would also help cut back on the spam
> that invades this list from time to time. Users can supply their public
> key at subscription time or it can be pulled from a keyserver when the
> users posts. It's really not a huge inconvenience...
>
>
> I'm signing this post to show how easy it is.
>
my mail is also signed by my email client. Will the list server be able
to figure out all the different ways that a signature is attached?
>
>
> Just my modest input...
>
> ......
>
> -----BEGIN PGP SIGNATURE-----
> Version: CryptoEx OpenPGP Engine Version 2.1
> Comment: KEBA CryptoEx Business Server - http://www.cryptoex.com
>
> iQA/AwUBQDMZ6X+RlK7Q2OA0EQI3vQCgyGBP/lHHXmh8uFLk/FT4T0QsyXgAoI/3
> 1jCOQq9scpF2z7jxcfkdiGkq
> =nGkF
> -----END PGP SIGNATURE-----
--
--
Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
--
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I agree too. Where, when not in security lists could this done for testing?
>
Yeah, me too ... but ...
> georg
>
>
> - -----Ursprüngliche Nachricht-----
> Von: john@xxxxxxxxxxxx [mailto:john@xxxxxxxxxxxx]
> Gesendet: Dienstag, 17. Februar 2004 18:50
> An: suse-security@xxxxxxxxxxxxxx
> Betreff: RE: [suse-security] ID wwywxugwisi... thanks
>
>
>
>
> I agree that it's a dumb idea, but these virii don't know and don't care
> what the purpose of this list is. Someday some nitwit will stumble onto a
> piece of code that exploits an as-yet undiscovered flaw in one or more
> linux email clients, and we'll have a small disaster. It's just plain
> naive to think this will never happen. Perhaps later than sooner, but
> there is a lot more likelyhood that it will than it won't.
>
> Since it does no good to complain without offering a solution, here's an
> idea:
>
> Why not require all messages posted to this list to be signed with the
> users's gpg key? Building functionality into the list daemon to verify
> signatures would be easy task and would also help cut back on the spam
> that invades this list from time to time. Users can supply their public
> key at subscription time or it can be pulled from a keyserver when the
> users posts. It's really not a huge inconvenience...
>
>
> I'm signing this post to show how easy it is.
>
my mail is also signed by my email client. Will the list server be able
to figure out all the different ways that a signature is attached?
>
>
> Just my modest input...
>
> ......
>
> -----BEGIN PGP SIGNATURE-----
> Version: CryptoEx OpenPGP Engine Version 2.1
> Comment: KEBA CryptoEx Business Server - http://www.cryptoex.com
>
> iQA/AwUBQDMZ6X+RlK7Q2OA0EQI3vQCgyGBP/lHHXmh8uFLk/FT4T0QsyXgAoI/3
> 1jCOQq9scpF2z7jxcfkdiGkq
> =nGkF
> -----END PGP SIGNATURE-----
--
--
Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
--
| < Previous | Next > |