On Thu, Feb 28, 2013 at 01:24:44PM -0600, Will Fiveash wrote: > On Thu, Feb 28, 2013 at 12:55:39PM +0100, Stefan Wimmer wrote: > > Hi all, > > > > I recently started to sign all my mails and it took me little time to find > > out that you can't delete attachments in signed/encrypted mails ... ;-) > > > > Now I want to automate the way I use crypt_autosign that mutt checks first > > if there is an attachment and only signs the mail if that's not the case. I > > was thinking along the lines of > > I have a couple of comments about this: > > - Why sign most messages? Unless the information is important for > others to verify that it came from a particular person why add the > bloat of a signature. Beyond this I find it ironic that people sign > e-mail with a private key where its public key isn't found on a > standard PGP/GPG keyserver like pgp.mit.edu or kerckhoffs.surfnet.nl.
I sign all my messages so that I can say, "I sign all my messages. Don't believe anything claiming to be from me, if it is unsigned." Sure, I could violate my own policy at any time, but...why? Why put my name on a message that I've repudiated in advance? I look forward with pleasant anticipation but not much hope, to the day when I can set maildrop to discard all unsigned mail before I see it. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu There's an app for that: your browser
pgpBHei5LAxOF.pgp
Description: PGP signature
