> On Feb 1, 2014, at 18:18, John C Klensin <john-ietf@xxxxxxx> wrote: > > Indeed, it might be interesting as a first > step to fix > the IETF list so it wouldn't accept unsigned messages. I don't think this is a good idea. First, it would raise technical barriers to participation; now one would have to install software other than email software, configure it correctly and point ietf to the signing key (no?)... (unless the list doesn't do an actual sig check, in which case what's the point?). Second, while I and others are comfortable with a default-sign policy, I know many more people that are very picky with non-repudiability and things they cryptographically sign. Finally, I'm not comfortable keeping keys on mobile devices (signing or otherwise), which would mean emails I send from those devices like this one will not be signed. Am I missing something? I can imagine many of us have longer keys since the last IETF, so I'd definitely be interested in a signing event. best, Joe -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology https://www.cdt.org/