Re: mailing list pgp signatures...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/12/09 19:05, quoth Rick Sewill:

> My thought is to pgp sign my mail.
> 
> Those who know me, who have spoken to me over the phone and have
> received mail from me, can save my signature from my mail and know the
> mail, and any future mail with that signature, is from me.

HOLD ON THERE BULLWINKLE!!!

Every message you send will have a different signature. Your signature is a
function of the content of your message and your private key. It can only be
verified using your public key. Saving a signature is of no value.

Signing a message says three things:

* You're reading a message from me, whoever I am.
* I can never say that I never said it (non-repudiation).
* The message is intact. It was not modified.

> Those who do not know me will have a valid, verified, but untrusted
> signature.  If these people have a problem with my mail, they should be
> able to track me down through my signature.

Not true. Public keys are not the same as a signature.

> If one receives mail that purports to be from me, and doesn't
> have a signature or does have a signature, but not my signature,
> I can claim I didn't send the mail, and hopefully, the person
> who created the signature can be tracked down through their
> signature.  I assume the key servers keep a log indicating what Internet
> address was used to register what signature and those records can be
> accessed if one can get a court order.

Not true and they do not.

- --
Time flies like the wind. Fruit flies like a banana. Stranger things have  .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkpbX1sACgkQRIVy4fC+NyRk8gCgir7aIHlJg5cmeQzqQcJOhoY4
uHIAn3v8Dzqwn4WWYExziEFnQeNVan0F
=vcfY
-----END PGP SIGNATURE-----

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux