Steve Bennett wrote:
But in any case, and this applies to Chris Howie as well, there is no real benefit to me in changing to an email client that "Has A Clue". Why would I care if your messages are signed or not? You can't prove that you didn't send an email even if it was signed incorrectly (that simply *doesn't prove* that you *did* send it). And I can't think of a situation where it would be vital for me to be absolutely certain that a message came from "you".
Not even in the wake of several admin accounts being hijacked by attackers? My PGP key is posted on my user page and has been for about a year now, I would be able to use that to prove my identity to administrators when reclaiming my account.
Having a PGP key also allows a particularly paranoid person to contact me more privately than simple email would allow, should they so desire, by encrypting their message with it. I can't think of a situation that would warrant that level of security but I think it's good to have it available in case one crops up.
Granted, neither of those things requires me to sign every email I send to this list. But it's because of signed mailing list postings that I have the PGP keys for most of the prominent Wikipedians who use them, I wouldn't have gone around hunting down the keys otherwise. It's a good way of making the keys ubiquitous and keeping the mechanisms for using them "in practice."