Evil PGP sigs thread must die. was Re: Stop it with putting your e-mail body in my MUA OT

Andy Dills andy at xecu.net
Wed Jul 10 19:15:33 UTC 2002


On Wed, 10 Jul 2002, Jordyn A. Buchanan wrote:

> On 7/10/02 3:01 PM, "Andy Dills" <andy at xecu.net> wrote:
>
>
> > Ah, and that's where the arrogance comment came from. You assume that the
> > members of nanog care. I'm not trying to call you an arrogant person, and
> > I recognize that you're not being blatantly arrogant, it's more of a
> > passive assumption. The passive assumption is that your words are
> > important enough that somebody might want to verify them. So, does EVERY
> > email need to be pgp signed?
>
> If you don't reliably sign your e-mails, it becomes very easy for someone to
> send a spoofed message without a signature and have people believe it is
> authentic.  If you do reliably sign your e-mails, then others may realize
> that something is awry when an unsigned message is sent out.  Even if the
> signatures are rarely checked, consistency of signing is a useful function
> by creating an expectation of trusted communications.

Uhm, one HUGE problem with that.

If people judge authenticity based on the simple fact that a message is
signed, that's just as useless. Why wouldn't the spoofed email be signed
with somebody else's key, to make it past all those people who merely
check to see if it's signed?

The _only_ way to verify authenticity is to check the signature. By
signing every single email sent, you endanger yourself by allowing your
recipients to judge the authenticity of your emails simply by the
existence of a pgp signature.

Therefore, you should only sign emails that contain information important
enough that verification is necessary, otherwise nobody will check.

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access
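To make the distinction in this post concrete, an added example that is not part of the thread: a "naive" check that only confirms some valid signature is attached, beside a "strict" check that verifies against the key already trusted for the claimed sender. It uses Go's standard-library Ed25519 in place of PGP, and the sender address and message body are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Message stands in for an e-mail: claimed sender, body, the signature it
// carries, and whichever public key the sender chose to attach.
type Message struct {
	From, Body string
	Signature  []byte
	SignerKey  ed25519.PublicKey
}

// Keyring maps a sender identity to the key you trusted beforehand.
type Keyring map[string]ed25519.PublicKey

// NaiveCheck is the "it is signed, so it is authentic" test: it only confirms
// the attached signature matches the attached key, whoever owns that key.
func NaiveCheck(m Message) bool {
	return len(m.Signature) > 0 && ed25519.Verify(m.SignerKey, []byte(m.Body), m.Signature)
}

// StrictCheck verifies against the key already trusted for m.From and
// ignores any key that travelled with the message.
func StrictCheck(k Keyring, m Message) bool {
	pub, ok := k[m.From]
	return ok && ed25519.Verify(pub, []byte(m.Body), m.Signature)
}

func sign(priv ed25519.PrivateKey, from, body string) Message {
	return Message{From: from, Body: body, Signature: ed25519.Sign(priv, []byte(body)),
		SignerKey: priv.Public().(ed25519.PublicKey)}
}

// Result records how each check treats a spoofed and a genuine message.
type Result struct{ NaiveSpoof, StrictSpoof, StrictGenuine bool }

// Scenario: the real key is in the keyring; a message claiming the same
// sender is signed with somebody else's key. Address and body are constructed.
func Scenario() Result {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	ring := Keyring{"sender@example.invalid": pub}
	const body = "please update the filters"
	genuine := sign(priv, "sender@example.invalid", body)
	spoof := sign(otherPriv, "sender@example.invalid", body)
	return Result{NaiveCheck(spoof), StrictCheck(ring, spoof), StrictCheck(ring, genuine)}
}
func main() { fmt.Printf("%+v\n", Scenario()) }
```

The spoofed message passes the naive check and fails the strict one, which is exactly why the presence of a signature says nothing until it is verified against a key you already trust.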
