On 7/11/2009 10:38 PM, Tim wrote: > David: >>> Hey g. Would you, could you, do me, and others, a favor? Please? >>> >>> Either do as you are supposed to do when using GnuPG to sign your emails > > g: >> there are no hard set 'rules' stating that one *has* to *publish* their >> *public keys*. > > Agreed, there is no "supposed to do." > > I find it irritating that mail clients will automatically try to fetch > keys when reading signed mail. It bogs things down, even on broadband. > Much better would be if it didn't bother to do that unless you clicked > on a "check unknown key" button. Even checking known keys, ones that it > already has, slows down mail reading. > > These days, I've set gpg not to auto-fetch keys, seeing as Evolution is > lacking in useful configuration options about this. > > And, as you said, the other poster could have asked to be sent the key, > instead of going off the deep end. > >> publishing public keys on a key server only gives spammers an assurance >> that any email addresses they find on a key server are real. >> >> years back when i started using pgp sigs, i did publish my key and shortly >> after my spam level almost tripled. therefore, i do not do so now. > > Same here. There are spammers which just leech new addresses off PGP > servers as they arrive, and immediately spam you. And if you had more > than one address on the key, they spam each of them. > > I removed some addresses from a key, and the next set of spam only > spammed the current set of addresses on the key. That doubly proved the > point that some spammers regularly harvest the key servers. > > And since many different key servers talk to each other, it doesn't help > you by deliberately choosing to only upload your key to a particular > server. > >> one of reasons that i use a pgp sig is that it maintains my idenity and >> prevents someone from trying to send an email as me, which has happened >> on this very list. > > A fair enough point. It's a common enough problem. I've seen many > people state that exact same reason over the last several years. > > I'd just love to learn how to use a chainsaw, using a spammer's computer > system for practice. And I'm sure there'd be a long line of people > waiting to have their turn, too. > I'm sorry for quoting all of this. But it does, somewhat, all tie together. In a rambling sort of way. Did I understand correctly that 'g' thinks that since he 'signs' his emails to this list with an unpublished key that no one from this list, for example me, can email him directly? Directly to his email address instead of to the list? -- David -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines