On Wed, 09 May 2012 13:32:12 +0200, Ralf Mardorf wrote: > If this discussion can't be stopped, than perhaps we can make it a > useful thread, by not talking about how to behave or not to behave on a > mailing list, by not talking about if we won't signed emails or not.
(...) > If you really need security, than you need to take care about many > things using PGP. I only use openPGP from time to time, to ensure that > just a special person can read this mail, but not to be completely > secure. I don't need knowledge about how to handle PGP correct and I > don't have got this knowledge. But security has nothing to do with a signed message. You use GPG/PGP signatures when you want other people can verify that you are the author of that message. And you encrypt your message when you want to prevent others can access its content, no more and no less. > Seemingly some people have completely wrong perceptions about e.g. > signing a key. Exactly. For instance, those who think that PGP signed messages will improve security when reading/posting e-mails >;-) > Instead of having something similar to a flame-war, some useful > information belongs to this list. I only see one big flaw in GPG/PGP signatures current methodology: their "keyring" system of trust relies on people and people -by definition- is nothing but unreliable. That's why I don't sign my own messages and I don't care about others signatures. To my understanding is a waste of time and resources with little-to-nothing gain. Greetings, -- Camaleón -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
