[PLUG] what is the point of PGP-signed emails?

Russell Senior seniorr at aracnet.com
Sun Dec 7 13:45:03 UTC 2003


>>>>> "Dan" == Dan Young <dan_young at parkrose.k12.or.us> writes:

Dan> Hence key-signing parties and web-of-trust. If David shows me two
Dan> pieces of ID and his pub key, I have a more reasonable
Dan> expectation that his signed messages come from him, [...]

I thought Jeme made an interesting point a few weeks ago, about the
pieces of ID being more or less superfluous in this situation.  If you
recognize the person standing in front of you as the person you think
it is, then it really doesn't matter who the State thinks they are.
The mapping between flesh and electronic communication what is
interesting.

That said, and just to blurt out something that has been bouncing
around in my head for a while, I don't see how signing my messages
does much for me, at least not directly.  I might _want_ to maintain
some ambiguity about what I did or didn't say (particularly when my
jokes aren't funny).  Signing messages is primarily a service to the
recipient, and only through that service, indirectly a service to the
sender.

-- 
Russell Senior         ``I have nine fingers; you have ten.''
seniorr at aracnet.com




More information about the PLUG mailing list