-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
In my opinion as well, it is much more annoying to have to scroll through multiple copies of the entire digest, or over- long threads, as opposed to the privacy headers. Personally, I prefer the in-line ASCII headers as opposed to the MIME attachments, as for those of us subscribed in digest mode, it is often hard to match the signature to the text. At least in the clearsigned version, that's obvious.
White Cat, you share this list with many others, many of whom value both their privacy and the ability to confirm their wiki identities when necessary.
Avi
From: "White Cat" wikipedia.kawaii.neko@gmail.com To: "English Wikipedia" wikien-l@lists.wikimedia.org Date: Thu, 29 May 2008 21:38:28 +0300 Subject: [WikiEN-l] -----BEGIN PGP SIGNED MESSAGE-----? Some emails start and end with "-----BEGIN PGP SIGNED MESSAGE-----", can people please disable that thing when emailing mailing lists. It looks quite ugly.
- White Cat
I do not quite understand. I can see the email address of people using -----BEGIN PGP SIGNED MESSAGE----- just fine. What privacy are we talking about?
I was asking over curiosity mostly.
-- White Cat
On Fri, May 30, 2008 at 1:33 AM, Avi avi.wiki@gmail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
In my opinion as well, it is much more annoying to have to scroll through multiple copies of the entire digest, or over- long threads, as opposed to the privacy headers. Personally, I prefer the in-line ASCII headers as opposed to the MIME attachments, as for those of us subscribed in digest mode, it is often hard to match the signature to the text. At least in the clearsigned version, that's obvious.
White Cat, you share this list with many others, many of whom value both their privacy and the ability to confirm their wiki identities when necessary.
Avi -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.64
iEUEAREDAAYFAkg/LzcACgkQy6A/RnheoimdGQCggdmnbCsGV3pn1p5yWeHaNp7j B3kAl27bPb+Lfw6QzNlkh+AZdEDOSps= =ni5h -----END PGP SIGNATURE-----
From: "White Cat" wikipedia.kawaii.neko@gmail.com To: "English Wikipedia" wikien-l@lists.wikimedia.org Date: Thu, 29 May 2008 21:38:28 +0300 Subject: [WikiEN-l] -----BEGIN PGP SIGNED MESSAGE-----? Some emails start and end with "-----BEGIN PGP SIGNED MESSAGE-----", can people please disable that thing when emailing mailing lists. It looks quite ugly.
- White Cat
-- en:User:Avraham
pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviwiki@gmail.com Primary key fingerprint: D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229 _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
White Cat wrote:
I do not quite understand. I can see the email address of people using -----BEGIN PGP SIGNED MESSAGE----- just fine. What privacy are we talking about?
I was asking over curiosity mostly.
-- White Cat
On Fri, May 30, 2008 at 1:33 AM, Avi avi.wiki@gmail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
In my opinion as well, it is much more annoying to have to scroll through multiple copies of the entire digest, or over- long threads, as opposed to the privacy headers. Personally, I prefer the in-line ASCII headers as opposed to the MIME attachments, as for those of us subscribed in digest mode, it is often hard to match the signature to the text. At least in the clearsigned version, that's obvious.
White Cat, you share this list with many others, many of whom value both their privacy and the ability to confirm their wiki identities when necessary.
Avi -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.64
iEUEAREDAAYFAkg/LzcACgkQy6A/RnheoimdGQCggdmnbCsGV3pn1p5yWeHaNp7j B3kAl27bPb+Lfw6QzNlkh+AZdEDOSps= =ni5h -----END PGP SIGNATURE-----
From: "White Cat" wikipedia.kawaii.neko@gmail.com To: "English Wikipedia" wikien-l@lists.wikimedia.org Date: Thu, 29 May 2008 21:38:28 +0300 Subject: [WikiEN-l] -----BEGIN PGP SIGNED MESSAGE-----? Some emails start and end with "-----BEGIN PGP SIGNED MESSAGE-----", can people please disable that thing when emailing mailing lists. It looks quite ugly.
- White Cat
-- en:User:Avraham
pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviwiki@gmail.com Primary key fingerprint: D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229 _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Best! Jon
I can see your email. What privacy?
On Fri, May 30, 2008 at 2:01 AM, Jon scream@datascreamer.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
White Cat wrote:
I do not quite understand. I can see the email address of people using -----BEGIN PGP SIGNED MESSAGE----- just fine. What privacy are we talking about?
I was asking over curiosity mostly.
-- White Cat
On Fri, May 30, 2008 at 1:33 AM, Avi avi.wiki@gmail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
In my opinion as well, it is much more annoying to have to scroll through multiple copies of the entire digest, or over- long threads, as opposed to the privacy headers. Personally, I prefer the in-line ASCII headers as opposed to the MIME attachments, as for those of us subscribed in digest mode, it is often hard to match the signature to the text. At least in the clearsigned version, that's obvious.
White Cat, you share this list with many others, many of whom value both their privacy and the ability to confirm their wiki identities when necessary.
Avi -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.64
iEUEAREDAAYFAkg/LzcACgkQy6A/RnheoimdGQCggdmnbCsGV3pn1p5yWeHaNp7j B3kAl27bPb+Lfw6QzNlkh+AZdEDOSps= =ni5h -----END PGP SIGNATURE-----
From: "White Cat" wikipedia.kawaii.neko@gmail.com To: "English Wikipedia" wikien-l@lists.wikimedia.org Date: Thu, 29 May 2008 21:38:28 +0300 Subject: [WikiEN-l] -----BEGIN PGP SIGNED MESSAGE-----? Some emails start and end with "-----BEGIN PGP SIGNED MESSAGE-----", can people please disable that thing when emailing mailing lists. It looks quite ugly.
- White Cat
-- en:User:Avraham
pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviwiki@gmail.com Primary key fingerprint: D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E
A229
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Best! Jon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIPzXR6+ro8Pm1AtURApsJAKC83n4P2QWEhGfiUhH04ryhz0IkpQCbBBAF LCt+EejG6StKi0wusIwBzzM= =hgAp -----END PGP SIGNATURE-----
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Have you read the article in Wikipedia? Best, Jon
White Cat wrote:
I can see your email. What privacy?
2008/5/30 White Cat wikipedia.kawaii.neko@gmail.com:
I can see your email. What privacy?
Without looking at the link you've been shown twice now, I'm guess the IP address.
And I agree with a previous poster, that leaving all the old text from previous messages is even more messy and annoying than PGP text.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Al Tally wrote:
2008/5/30 White Cat wikipedia.kawaii.neko@gmail.com:
I can see your email. What privacy?
Without looking at the link you've been shown twice now, I'm guess the IP address.
And I agree with a previous poster, that leaving all the old text from previous messages is even more messy and annoying than PGP text.
You can see the email, because I only signed it. Signing it verifies that I am who I say I am. NonvocalScream at WMF projects.
The privacy aspect comes into play should I choose to encrypt my message.
Masking an IP address is not a function of PGP.
Best, Jon
I really do not see the point at all. - White Cat
On Fri, May 30, 2008 at 2:13 AM, Jon scream@datascreamer.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Al Tally wrote:
2008/5/30 White Cat wikipedia.kawaii.neko@gmail.com:
I can see your email. What privacy?
Without looking at the link you've been shown twice now, I'm guess the IP address.
And I agree with a previous poster, that leaving all the old text from previous messages is even more messy and annoying than PGP text.
You can see the email, because I only signed it. Signing it verifies that I am who I say I am. NonvocalScream at WMF projects.
The privacy aspect comes into play should I choose to encrypt my message.
Masking an IP address is not a function of PGP.
Best, Jon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIPzip6+ro8Pm1AtURAgThAJ4li7MY8HEkTQFxXQ6oB8g8V9503QCcDYg6 h5/jf54SDVQD6JF8ZC5bHNo= =px8S -----END PGP SIGNATURE-----
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
White Cat wrote:
I really do not see the point at all.
- White Cat
Fall back on that we all share this list :) and some if not most use PGP. I apologize for the inconvenience.
Very breast, Jon
You can see the email, because I only signed it. Signing it verifies that I am who I say I am. NonvocalScream at WMF projects.
Can't you sign it with just a signature? That is, something which goes at the bottom of the email? The line at the top is completely pointless - if I care about whether or not an email is signed, I'll scroll down to the bottom where I would expect to find the signature. A correctly formatted signature can be hidden by most email clients, I believe, then you wouldn't be annoying anyone.
Thomas Dalton wrote:
You can see the email, because I only signed it. Signing it verifies that I am who I say I am. NonvocalScream at WMF projects.
Can't you sign it with just a signature? That is, something which goes at the bottom of the email? The line at the top is completely pointless - if I care about whether or not an email is signed, I'll scroll down to the bottom where I would expect to find the signature. A correctly formatted signature can be hidden by most email clients, I believe, then you wouldn't be annoying anyone.
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
The Point of the PGP sign is to verify that it was indeed from the sender and not modified. Anyone can spoof a sig.
--CWii
On 01/06/2008, John compwhizii@gmail.com wrote:
Thomas Dalton wrote:
You can see the email, because I only signed it. Signing it verifies that I am who I say I am. NonvocalScream at WMF projects.
Can't you sign it with just a signature? That is, something which goes at the bottom of the email? The line at the top is completely pointless - if I care about whether or not an email is signed, I'll scroll down to the bottom where I would expect to find the signature. A correctly formatted signature can be hidden by most email clients, I believe, then you wouldn't be annoying anyone.
The Point of the PGP sign is to verify that it was indeed from the sender and not modified. Anyone can spoof a sig.
I mean a PGP sig, but as an actual sig, not something at the top of the email that serves only to annoy people.
Thomas Dalton wrote:
On 01/06/2008, John compwhizii@gmail.com wrote:
The Point of the PGP sign is to verify that it was indeed from the sender and not modified. Anyone can spoof a sig.
I mean a PGP sig, but as an actual sig, not something at the top of the email that serves only to annoy people.
PGP needs that line at the top to indicate where the verified text begins. If PGP doesn't check exactly the same chunk of text that was signed it'll fail to verify, sort of like how earlier in this thread someone was complaining about a mail client that had added a single space to an encrypted block of text which resulted in the whole message being broken.
I use a gmail email which effectively hides the IP. If I remove the PGP text the "- show quoted text -" don't always work well.
- White Cat
On Fri, May 30, 2008 at 2:10 AM, Al Tally majorly.wiki@googlemail.com wrote:
2008/5/30 White Cat wikipedia.kawaii.neko@gmail.com:
I can see your email. What privacy?
Without looking at the link you've been shown twice now, I'm guess the IP address.
And I agree with a previous poster, that leaving all the old text from previous messages is even more messy and annoying than PGP text.
-- Al Tally (User:Majorly) _______________________________________________ WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: https://lists.wikimedia.org/mailman/listinfo/wikien-l
Yes, that is true. As has been explained by others, the privacy element comes in to play with encryption. For example, only NonvocalScream and myself (outside of the NSF, and probably including them too) will be able to decrypt the following message:
-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.64
hQQOA5tRR7fEWjr2EA/7BQUb1Ck+dhJEe7fi0ph3vRYIVAGn0htZq6sdOuTwFU7Z BhdmX9i9IEIa784la/wshCX3N5D/nJZhEQDodNHlpA0x5qoXxhlez3/Da3rHvLiv Kl2TBFtcygVrvca0Q6T0757M+7GidWA/NGmMydvGylYNabVhNlfMQDf8g6EMoE0f jBqwCl+eiuEnWvmtdpxQexkndoVG/A1Y8UAcvEaHi2IFT03EMu6TqhoYnZuF1Qbu T9hnNwqBCqcokYk02ef7MK1AH8bWTm+ZfJ49S1pu183wqShwf9btEiqNgo9sQ7C8 1CLk2cBlcqlNxifNAWRM9AKLN+aOOcFa90W1b3rQjmYpW2ADiYMqlyyCYtbrZxxM RhmWGYuVqTdAHbyE7WwnQXm801nqqOvu8WBrFNTlw8Ay9QIODO0Lgk56Cf1iCG5P sDyjKePz2D3+TRNlLNAtcmIb0KZTn9y+MI+8nCSGUS6aiRakKhGsVT/X6crpP1En ae4ywurGti1j5+6J0CvqEjJa/He6TQAjU3ss+3RloRWWWfde5lUPK4S7X78J0ROk /Q644yWpjOWBw2OVnBoWjymtxr44x4pwgJitRnzgPv7DFw7xBWIjuIuGeF2wu97B bGaE3iC8b82KoOtthHp/DRjk/bTziw+gp6DxqrKuwe5jrkz5fi8WBfGiTQcDFYQQ ALgDbjsrBFDmhj3Gj6MOo7tAu6Y3yIhQm21zbaV6vOb7D0/XdlZ78bFqhSGf2u1V 6UY0xuYCFMvBj4NcVgzT7lWfAdNg+aLF2YDf9ED7Ql+UZz/J97Fj9MsBhrfj95VO lQIsHGNUDk3PT2PSyG6437L/7XHofOUg8SRmHqqa/awS7RJI14saU/aScJKxdiXZ QpPpLEsf95NmPhelu2L33MueHXaVJqJDO8aYWeblGaT2Xz8fByjpbq5vwXJgfkPD 0ik6fyLA5tIvuqrvGoiZPo9R8DHX6TeBb2PlF9hTWri+FiZDo51f2Nqm1TneyAhn DzguXVhPnh57GAtgZk2X/9VAPKGFsEX6tWLaE5J4rtgOLatNPGpGkUy4kgBmA2LH IMz2TUW3xf5LNHoG8IOpZP4EsuuSygxOLW6IAI2oWozEgBD1OMg5evii5hmIoI2b G/66VeT2xKRq/zNyVXc9qLU1HarZwZtdJvS4RdBT+Yg0K9rE789lTHlVK0szediw QO11o23304pES/8wz1XCBkspzf1N1kMDXA422s/R+BvsKgS09JHU30E1h5qhzXPn qkZww6R2nUl7AltUVDLPcjLMIM24wKEIL8v93P1wet5oIoDh19BbeUzjQOBb2+Sf 8z7ent89OXearmJUxAfNv4/Ob9WXYT8U58rN2e60n1a5hQIOA9aoHBlhvU2XEAgA yXUdGf8pzKHcCsF+SSli4t2tqzpAyvG4dCaJIiicRIl7Mq8c0urmvW886zk/+wSN 9/4Lo3uR8rCHbQrd5U0ZYGWsNTgyg/Yo1rb75BtgvVnvqvdTdlN+NEd98wbVicsy x8yY5XezjdafdvK+whHj2wjclDjxeRESmsUns1KCTC2vKcKCFRRpW//PmKYv52WH fuAHcNEEPpLuhPELkP8NSy8W3txckKwl/9eRlz+2eJd6xYX4sHnWfSpd5OKuir8K 8reaLdi9Gws0MyMDlB0hHZyk78BQt8xjJ24BETPSreefV5OVTI20tzepe08GYY1a BaQpl4g9GLhBlBFKQDvwtwf/V1kjRcuxMANUyBKC9ZbHivOvGVW0xZDuvxhe9mQT CfDhOJIBlu7l/6Xq/BmRTtGPouC9MarvbAwj81brd7qeN7t4dweJCwYX35OtY9Dx MUiBRDMmd1WA/xm2ljumEJo0WEkgXxColfyuRTy373Fdq3Mlfnbik+1UnzGkgui2 YewanB7iYgAk2sMIRtllxZ8WKvzha4DikTldBYuM7Jh7dPOvaDqeUnh4PdOgzSy/ 1nRPWM76DqSyHNdHrjfFoKuMla3aELB+oUBzT4btqMDKPcRkmIS+V0crKpH2WNcG Nx6sV1TK4asMlqxOW+CDbY/PoWbxVIg1y5PdOqlPafsuttKmARIJpKw0hLgn8GL3 XuL007VHqUc1OfY21Dwu94Rar0tiqqfSNeA33qtgJkszZhrqBXA3pwawObzEZF/n QT/z0yHbaG1xbI2j0MU8jO0lYnshMWtW5LyIGxcedNFEkJ6Af7aW2pX5PGNbl6OP zDGmKBMreNZezqhr3bKKGQVfgvk82agHgMYLFXQ/M7XBX2hIvu6bCx8kuP4yz/YF rKsUvyBrYMA76A== =h8/J -----END PGP MESSAGE-----
That is the privacy element. As for identity, being that I have NVS's public key, I can confirm that only someone with control over his private key signed messages with the appropriate header and signature.
Also, many people use gmail through an IMAP client such as Thunderbird, and they have the signature auto set. Personally, I use the web interface, which is why you do not always see my messages signed. However, for people who are involved with PGP, signing one's messages more often is a good way to confirm one's identity, because only the holder of the private key can accurately sign the message, and anyone with a PGP client can check that.
Here's an example I came across just now for how PGP can help with identity: http://www.haltabuse.org/pgp/index.shtml
I understand that it can look somewhat bizarre, but is it that much more annoying than 47-line long threads with 14 greater-than signs or a 25 line signature-cum-curriculam vitae :-) ?
Thanks,
--Avi
On Thu, May 29, 2008 at 7:00 PM, White Cat wikipedia.kawaii.neko@gmail.com wrote:
I do not quite understand. I can see the email address of people using -----BEGIN PGP SIGNED MESSAGE----- just fine. What privacy are we talking about?
I was asking over curiosity mostly.
-- White Cat
--
en:User:Avraham ---- pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviwiki@gmail.com Primary key fingerprint: D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229
I hate when that happens. NVS, gmail added an extra line to the armored block and now the entire message is corrupted. To successfully decrypt it, copy it to a text file and delete the line between the header and the Version note. It should work then.
White Cat, the message simply says "Hello World".
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Avi wrote:
Yes, that is true. As has been explained by others, the privacy element comes in to play with encryption. For example, only NonvocalScream and myself (outside of the NSF, and probably including them too) will be able to decrypt the following message:
********* *BEGIN ENCRYPTED or SIGNED PART* *********
Hello World
********** *END ENCRYPTED or SIGNED PART* **********
That is what the message said in a decrypted state.
Best, Jon
Actually White Cat has a point. It's a blight on the mailing list - a list we all have to share. Of course, so is quoting the whole digest, but that's a totally unrelated matter.
I rarely see the point of most of the complaints that White Cat brings up here. This, on the other hand, is a legitimate gripe. It makes for almost unreadable postings. Maybe it's unavoidable. But it's certainly a legitimate gripe.
On Fri, 2008-05-30 at 00:15 -0500, Guettarda wrote:
Actually White Cat has a point. It's a blight on the mailing list - a list we all have to share. Of course, so is quoting the whole digest, but that's a totally unrelated matter.
I rarely see the point of most of the complaints that White Cat brings up here. This, on the other hand, is a legitimate gripe. It makes for almost unreadable postings. Maybe it's unavoidable. But it's certainly a legitimate gripe.
I'll take my PGP (GnuPG/...) signed/encrypted message thank you very much.
KTC
On Fri, May 30, 2008 at 1:15 AM, Guettarda guettarda@gmail.com wrote:
Actually White Cat has a point. It's a blight on the mailing list - a list we all have to share. Of course, so is quoting the whole digest, but that's a totally unrelated matter.
I rarely see the point of most of the complaints that White Cat brings up here. This, on the other hand, is a legitimate gripe. It makes for almost unreadable postings. Maybe it's unavoidable. But it's certainly a legitimate gripe.
I would agree to some extent. Did you PGP/GPG users out there (I am one, I just don't sign much anymore) realize that a properly-configured client can send the signature as an attachment and not inline? Look at Kwan Ting Chan's message, for example. It looks much cleaner and is just as verifiable.
Chris Howie wrote:
I would agree to some extent. Did you PGP/GPG users out there (I am one, I just don't sign much anymore) realize that a properly-configured client can send the signature as an attachment and not inline? Look at Kwan Ting Chan's message, for example. It looks much cleaner and is just as verifiable.
I do it that way, the thing to look for in your configuration screens is "PGP/MIME".
However, it's not without its downsides. Back when I used Eudora as my mail client I routinely had to delete hundreds of little orphaned signature attachments from the attachments directory, and as someone else in the thread has pointed out it doesn't work so well with digests. Since PGP signatures only take a couple of lines in the non-attached form I don't think it's a big issue to worry about one way or the other.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Exactly, the signed messaegs are not about privacy, they are about non-repuditation, it is trivial to spoof sender information on an email, but using message digesting creates a signature that not only can other use to validate your message, but you can use to validate archives of it at a later time. In addition to authentication, this also provides for message integrity checking.
As to the inline signing v.s. mime attachments, the former is much easier to deal with, though the attachments are less likely to get corrupted.
[[en:user:xaosflux]]
----- Original Message ----- From: "Avi" avi.wiki@gmail.com Sent: Thursday, May 29, 2008 10:02 PM
Yes, that is true. As has been explained by others, the privacy element comes in to play with encryption. For example, only NonvocalScream and myself (outside of the NSF, and probably including them too) will be able to decrypt the following message: That is the privacy element. As for identity, being that I have NVS's public key, I can confirm that only someone with control over his private key signed messages with the appropriate header and signature.
Also, many people use gmail through an IMAP client such as Thunderbird, and they have the signature auto set. Personally, I use the web interface, which is why you do not always see my messages signed. However, for people who are involved with PGP, signing one's messages more often is a good way to confirm one's identity, because only the holder of the private key can accurately sign the message, and anyone with a PGP client can check that.
Here's an example I came across just now for how PGP can help with identity: http://www.haltabuse.org/pgp/index.shtml
I understand that it can look somewhat bizarre, but is it that much more annoying than 47-line long threads with 14 greater-than signs or a 25 line signature-cum-curriculam vitae :-) ?
Thanks,
--Avi
On Fri, May 30, 2008 at 8:03 AM, xaosflux xaosflux@gmail.com wrote:
As to the inline signing v.s. mime attachments, the former is much easier to deal with, though the attachments are less likely to get corrupted.
It is only easier to deal with when:
1) The sender does not have a user-agent capable of attaching signatures, or 2) The receiver does not have a mechanism to check such signatures.
Both of which, with the exception of web mail systems, should not be issues today.
2008/5/30 Chris Howie cdhowie@gmail.com:
Both of which, with the exception of web mail systems, should not be issues today.
Yes, it's not like Gmail is popular or anything ...
(I suggest a Gmail feature request.)
- d.
On Fri, May 30, 2008 at 9:13 AM, David Gerard dgerard@gmail.com wrote:
2008/5/30 Chris Howie cdhowie@gmail.com:
Both of which, with the exception of web mail systems, should not be issues today.
Yes, it's not like Gmail is popular or anything ...
(I suggest a Gmail feature request.)
At the risk of getting (further) off-topic, I agree to some extent. However, people using Gmail typically are not concerned too much with privacy. :)
Also I'm not sure I want my private key on their servers... of course signatures could be *verified* over there. They could even have a cool AJAX keyring manager! Ooooh! Google Keyring!
2008/5/30 Chris Howie cdhowie@gmail.com:
Also I'm not sure I want my private key on their servers... of course signatures could be *verified* over there. They could even have a cool AJAX keyring manager! Ooooh! Google Keyring!
That'll be a *real* all your base belong to Google. On US-based servers! In the purview of FBI national security letters! Forget I said anything ...
- d.