OK. 1. Establish a pattern: none genuine without this signature. I understand it's not possible to prove that an unsigned message didn't come from me, but this couldn't hurt.
2. OTOH I *can* show that a signed message must have been made with knowledge of a specific key, which I assert that I control. When I do write something, I want my authorship to be believed. 3. Habit. The same reason I always automatically relock doors when I've entered: if I have a policy then I don't have to make judgments in most cases. (Yes, I *always* carry a house key.) Considering all the gooey rubbish I *don't* send to my correspondents, I hold that the small cost of a signature is entirely negligible. 4. Privacy. While I prefer to hand-deliver things like new passwords, I'm willing to send them in encrypted emails if someone insists. Or I might want to write to a family member something that's not super-secret but is nobody else's business. 5. Cool factor. *blush* 6. My signing habit is my tiny contribution toward a future in which any unsigned email is automatically suspect. This would make it feasible, for example, to set up a rule sending all mail with no or unknown signature to a UCE folder (or the bitbucket). I won't hold my breath while I wait, though. I should distinguish signing and encryption. I can count on my fingers the number of encrypted emails I've sent, but I assert that I sign all emails addressed to humans. (Some mailing-list robots are fragile and have trouble with signatures when directly addressed. Boo.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users