[PLUG] what is the point of PGP-signed emails?

Jeff Schwaber freyley at gmx.net
Sun Dec 7 17:12:02 UTC 2003


> That said, and just to blurt out something that has been bouncing
> around in my head for a while, I don't see how signing my messages
> does much for me, at least not directly.  I might _want_ to maintain
> some ambiguity about what I did or didn't say (particularly when my
> jokes aren't funny).  Signing messages is primarily a service to the
> recipient, and only through that service, indirectly a service to the
> sender.

You know, I have two problems with this whole discussion, and they're
both in implementation. Maybe I just haven't looked through the
documentation fully enough, but I cannot find (for evolution, and mutt,
though I haven't looked as much for mutt) a way to do either of these
two things:

1) semi-automagically store public keys on users who send me signed
emails, and truly automagically verify emails from users who have
already sent me emails, and

2) have a way, as I'm sending an email, to decide not to sign the email.
The only way I can find in Evolution is to change the actual settings,
which takes a while.

Plus, with lists, the emails _do_ get changed in transit, and so the
verification probably cannot be done automagically easily, as the
verification software needs to know how the emails should be changed to
get them back to verifiable state.

Jeff





More information about the PLUG mailing list