OK.
1. Establish a pattern: none genuine without this signature. I
understand it's not possible to prove that an unsigned message
didn't come from me, but this couldn't hurt.
2. OTOH I *can* show that a signed message must have been made with
knowledge of a specific key, which I assert that I control. When
I do write something, I want my authorship to be believed.
3. Habit. The same reason I always automatically relock doors when I've
entered: if I have a policy then I don't have to make judgments
in most cases. (Yes, I *always* carry a house key.) Considering
all the gooey rubbish I *don't* send to my correspondents, I hold
that the small cost of a signature is entirely negligible.
4. Privacy. While I prefer to hand-deliver things like new
passwords, I'm willing to send them in encrypted emails if someone
insists. Or I might want to write to a family member something
that's not super-secret but is nobody else's business.
5. Cool factor. *blush*
6. My signing habit is my tiny contribution toward a future in which
any unsigned email is automatically suspect. This would make it
feasible, for example, to set up a rule sending all mail with
no or unknown signature to a UCE folder (or the bitbucket). I
won't hold my breath while I wait, though.
I should distinguish signing and encryption. I can count on my fingers
the number of encrypted emails I've sent, but I assert that I sign all
emails addressed to humans. (Some mailing-list robots are fragile and
have trouble with signatures when directly addressed. Boo.)
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
