[49994] in North American Network Operators' Group
Re: Evil PGP sigs thread must die. was Re: Stop it with
daemon@ATHENA.MIT.EDU (Brad Knowles)
Mon Jul 15 11:42:34 2002
In-Reply-To:
<Pine.BSF.4.44.0207101536210.3792-100000@thunder.xecu.net>
Date: Mon, 15 Jul 2002 17:35:01 +0200
To: nanog@nanog.org
From: Brad Knowles <brad.knowles@skynet.be>
Errors-To: owner-nanog-outgoing@merit.edu
At 3:45 PM -0400 2002/07/10, Andy Dills wrote:
> Lest anybody confuse my argument, I think PGP signatures are a good thing.
> I just don't think people need to sign everything they send. And I'm
> talking about posts to Nanog here, not private communication. In private
> communication, it's reasonable to sign most everything sent with official
> business purpose.
No. It is precisely the public e-mail messages which should
always be signed, since they are the ones likely to reach the largest
audience, and the ones that are likely to have the biggest negative
impact if they are successfully spoofed.
You should sign all private e-mail, too, but the public e-mail
messages are the ones that need it the most.
--
Brad Knowles, <brad.knowles@skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
