[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: More about GPG signing

On Thu, 10 May 2012 18:57:45 +0100, Tony van der Hoff wrote:

> I've learned a lot about GPG signing during the last few days. I can see
> there are benefits where the recipient needs to be absolutely certain
> that the sender is known to him.


And also the sender wants to ensure his/her posts are not impersonated.

<mode remember on>

We once faced a problem with faked posts in another mailing list. There 
was a user (with a severe Tourette Syndrom) that sent messages with the 
intention to fake the real sender who were usual participants on that 
mailing list. Since that episode, many users started to sign their posts 
to avoid further problems and misinterpretations.

</mode remmber off>

> That is certainly not the way mailing lists work, so causing a block of
> some 400 characters to be sent to each and every subscriber is pure
> self-indulgence, on the scale of insisting on sending HTML-formatted
> mail. On balance, I think I prefer the latter.

Not at all because is not a sender's problem that the recipient of his/
her message uses a MUA that can't handle GPG/GPG signatures. And there is 
no rule in Debian mailing list Code of Conduct that says nothing against 
the usage of this while there is one about using HTML based formatted 
posts. In the end, GPG/PGP signatures can be also handled from a terminal 
console and they don't break the content of the message which can be 
still be read in clear text (even if they cannot be verified) thus you 
can't compare the hassle that causes a GPG/PGP signature with the 
nuisance of HTML messages: GPG/PGP signatures fallback mode is user-
friendly and fair.

> I have come to the conclusion that a GPG signature in these
> circumstances says more about the sender's sense of self-importance than
> anything else.

I don't know how is that you reached to that conclusion. Maybe is that 
you should revisit your understanding on what a GPG/PGP signature is all 



Reply to: