-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2/1/2012 04:38 PM, Robert J. Hansen wrote: > I have referred to this paper probably five times or more on this list > and other lists. I really wish people would read it. I'm getting tired > of answering this -- it's my least-favorite OpenPGP-related question. > > Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly. Secrecy, > Flagging and Paranoia: Adoption Criteria in Encrypted Email. Proceedings > of CHI 2006 Conference on Human Factors in Computing Systems, 2006. > > www.cs.princeton.edu/~sgaw/publications/01Feb-Activists-sgaw-CHI2006.pdf
I have read the abstract, and admit that I only skimmed the rest of that paper. I find that it is only really talking about the use of public key encryption of messages, and the human factors that lead to the decision of whether or not to encrypt messages. That is a separate topic from actually signing your message with your secret key - and is not terribly germane to public mailing lists. Since the list owner would have to deem it worth the trouble to generate a key pair for the list AND collect the public keys of each subscriber, and use software that will be able to decrypt messages sent to the list, and re-encrypt them to each subscriber. This would not significantly improve security in such a forum, and would increase the load on the system that processes mail for the list. To clarify, by "public mailing list", I mean that anyone can join it and post to it. A private mailing list would mean, in this context, would be an "invite-only" list, where one would have to be known to the list owner and specifically invited to join. Signing, OTOH is a personal choice of each subscriber. Those who choose to do so can do so, and those who do no choose to do so, do not. Regards, Christopher J. Walters -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJPKbaFAAoJEJ6vdel2qM1cbsIP/1fRt03em5hHN3uQz5c+tilV cfBTItlXIVE5W6I9Xl08mhIy5KGhCG9vn0Zjx5PJn30VYneakAxNxHzQ+uqDlDa0 9A/PvzUSOoz8AO0IDEblASsU6z6iS/1xEuP1C3GXeqZcb9Rg2//UPEHwAMxvE1sG rmIMX2MUrTb2Tuy8EL20ym/VioUaqP3H/le1shNBmakS9sjgtsDooQzJX3erl64b pKD30BaBmP93WiI/r7Sxnry0jp7n8yMSpYRCzKMUWde7MNVZ+MgwBo5EVisWBBkq vh/X+uKbp/6uVSk1LXh/dpj8Sbl0Co8u+0jKudeBcGscu8Y/inuP22evKmS90XuE qGx/Mgwy+Vp05M8OwuYk8+2V/41KLNoO/IWrtWQfwDEOJSjcA2mcamYdF8jwAeOY IIW5Dapk2f5g4EciPZ1eO/SJ4227aV3PEbuceLAAy2BHSHuXIt9uTEq3SOHzxLKT vauuP/kLgra9ZZJkESoSoAY5KBHaJt3C6+jSp7KYL6UNUipto8/mH0MF/KXecUyb ZYOYSRDBlvE2/WicxZBCN0Nlwq1SQ38/zCUFyXiKnyhjiUNpBuHdOdZfrp9KWDrC Y08GgwY4WWpmwBQbP3zPM1X7iVoP2gfmcm3+1gxfm/aVkhhm22JZNdvBGId69AIe xDfh2dzEYWl+/S7oILXB =E1X7 -----END PGP SIGNATURE----- --- avast! Antivirus: Outbound message clean. Virus Database (VPS): 120201-0, 02/01/2012 Tested on: 2/1/2012 5:02:50 PM avast! - copyright (c) 1988-2012 AVAST Software. http://www.avast.com _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users