On Mon, 2009-07-13 at 18:53 +0000, g wrote: > if you are still in question as to advantage of pgp sigs, i would be > happy > to look for it and post it so that all can see that there are times > when > having a pgp sig does work. Whether it works or not is not the issue. The issue is "what does it work for?", i.e. "what is the appropriate use?". Needham and Schroeder famously said that anyone who thinks his problem will be solved by cryptography hasn't understood his problem, and hasn't understood cryptography. As with most aphorisms you can debate the details, but there is a grain of truth in it. What one needs to ask oneself is "what is the problem I'm trying to solve with this?". My point is that issues of identity theft or repudiation in mailing lists like this one have thus far had no practical relevance. I asked before if anyone could point to a specific case on this list. I still don't have an answer (you said you had one but it was stopped by list management, i.e. the use of signatures simply didn't arise). IOW my view is that signatures *on mailing lists such as this one* are essentially a waste of time. Signatures on personal and highly sensitive messages is a completely different issue, but in that case you'll find you invariably want to use encryption as well as signing. poc PS BTW, an excellent layman's history of crypto is Simon Singh's "The Codebook". -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
