On Tue, 2008-10-28 at 20:03 +0200, Gilboa Davara wrote: > On Tue, 2008-10-28 at 12:05 -0400, Chris Snook wrote: > > Joachim Backes wrote: > ... > > > My question: are there rules for the fedora email traffic saying: do not > > > use signatures? > > > > No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone > > who desperately cares about this can choose to receive mail in daily digest > > format, which saves far more in headers than would be consumed even if everyone > > on the list used GPG. > > > > -- Chris > > > ... All nice and dandy, but it would have been nice if anyone would have > been able to give me -one- solid reason why he/she needs to sign his/her > messages - when they are being posted in a high-volume public ML. (Geek > factor not included) Real simple. Always sign messages when ever and where ever possible. The exception should only be those cases where it is precluded for some reason. As I stated in an earlier message, this has to do with traffic analysis as well as "preponderance of evidence" issues. That's two good reasons which have been well discussed in various cryptography forums and amongst security professionals for years. I remember having this debate in the PGP forums on USENET some 15 years ago. If you don't agree with it (and many still don't) that fine. I'm still signing and if someone can't handle that, it's their problem. I would also point out one other important reason. Regressions. I've personally helped trouble shoot several significant problems in MTA's and filtering systems (MailScanner) when problems have cropped up where my signature didn't verify. Problems resolved down into corruptions in transports which then had to then be fixed. > - Gilboa Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@xxxxxxxxxxxx /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines