[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Challenge-response mail filters considered harmful



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan Connor wrote:
|
|
| Thanks Chris. Still doesn't make sense to me and [...]

That's no disgrace.  Understanding public-key encryption takes, if not
quite an *average* level of intelligence, at least a level that is by no
means universal.

The only problem is that you still see fit to lecture the rest of us on
how to handle email issues, despite admitting that you cannot understand
something that is quite clear to the majority of those that take an
interest.


I am seriously considering
| writing a stanza in my newsreaders filters that will dump any posts with
| PGP sigs.
|
| 1) Neither I nor anyone I know cares if you are who you say you are or
not.
|    ( In fact, someone could forge your PGP sig  because most people don't
|      have the software, and do you MORE harm that way. How would you prove
|      which of  two nearly simultaneous posts with the EXACT same PGP
sig on them
|      was the real one. )

Actually, I think this alanc@localhost *is* a fraud.  Even the real Alan
Connor must realise that the signature is actually generated from a hash
of the message as well as the signing key, and will only verify on the
exact message that it was generated from.  If I took
alanconnor@earthlink.net out of my killfile, I'd probably start to see
lots of posts screaming that some guy was trying to make him look like
an idiot, and wishing there was some way of demonstrating that he wasn't
writing those posts.


- --
Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/LtLJqEms0aLHW4URAuuJAJ445/IzER7GOhPMsExAD6oZBtrSJACfeWyv
ugv/K5hqjMN/+vTF5QHhXeQ=
=51sv
-----END PGP SIGNATURE-----



Reply to: