Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Re: Why Install Telnet by Default?
  • From: "Carlos E. R." <robin1.listas@xxxxxxxxxx>
  • Date: Fri, 9 Dec 2005 16:22:26 +0100 (CET)
  • Message-id: <Pine.LNX.4.61.0512091614540.22108@xxxxxxxxxxxxxxxx>
Hash: SHA1

The Thursday 2005-12-08 at 22:28 -0800, Crispin Cowan wrote:

> Funny story: I started using Enigmail (GPG plugin for Mozilla mail
> client) about 5 years ago. For six months, all of the mail I sent out
> everywhere was GPG-signed. Then I upgraded Mozilla, it broke the (not
> yet supported) Enigmail plugin, and I couldn't be bothered to fix it. So
> I started sending out mail with no digital signatures.
> Now, according to the usage models of public key signed documents, I
> *should* have started receiving complaints from people about "Crispin
> usually signs his mails, and this is not signed; are you an imposer or
> what?" But that *never* happened. Not once. This convinced me that very,
> very few people actually check digital signatures, and thus they are of
> very little value in casual correspondence :(

If the MUA kept track of signatures, it could warn if someone started to
send non signed email. This info could be kept with the address book; for
example, mozilla stores "prefers html" info.

In the suse-linux-s list we had a period when somebody impersonated other
people, creating quite a nasty turmoil. Many of the old hands there use
pgp/gpg signatures routinely.

- --
Carlos Robinson
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76


< Previous Next >