* Will Fiveash <will.five...@oracle.com> [02-28-13 14:25]: [...] > I have a couple of comments about this: > > - Why sign most messages? Unless the information is important for > others to verify that it came from a particular person why add the > bloat of a signature. Beyond this I find it ironic that people sign > e-mail with a private key where its public key isn't found on a > standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl. > > - If one is concerned enough about allowing others to verify the > integrity of a message shouldn't this concern also extend to > attachments which are a classic attack vector?
I believe it is *mostly* for show. I can so I will, see me. Your questions/statement are spot on. And some may not know how to sign one message and not another.... -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://linuxcounter.net
