On Thu, 2012-05-10 at 17:11 +0100, Jon Dowland wrote: > On Wed, May 09, 2012 at 09:17:17PM +0200, Ralf Mardorf wrote: > > Regarding to security. Assumed somebody always sign the mails to a > > mailing list. Isn't it possible that somebody hacks the view of a > > mailing list archive? Make it look like if a nice guy said odd things > > for signed mails. He never did, the mails were not hacked, just the view > > of the web page is hacked. > > They could, if you were relying on the mailing list archives to verify > the signatures, but they don't. You can fetch the signature and the > original message (awkward from a web mailing list archive, but Camaleón > has shown a way of doing it with gmane in the past) and perform the > verification yourself.
And why do we need this? We could notarized emails + use or computer readable ID cards, anyway, this in addition won't make mailing list mails more true or less true. There's more untruth for notarized papers than for non-notarized papers. Why should things become better with openPGP signing? Again, I don't care, even if I would see cryptic lines at the bottom of my mails, but IMO we should avoid photos as thumbnails, PGP, HTML. - Ralf -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1336671374.5199.14.camel@precise
