On Wed, Feb 01, 2012 at 09:26:18PM +, gn...@lists.grepular.com wrote:
> On 01/02/12 21:12, Doug Barton wrote:
> >> I've posted using the same key on probably a dozen mailing lists,
> >> I use it for all of my personal and work email. I use it to sign
> >> all of the comments on my blog. I use i
On 2/1/12 5:14 PM, Christopher J. Walters wrote:
> On 2/1/2012 04:53 PM, Robert J. Hansen wrote:
>> Easily forged, and machines are too easy to compromise. This
>> idea that an IP address is clear and convincing evidence of
>> origin is absolute bonkers. An IP address is evidence of
>> *routing*.
On Wed, 01 Feb 2012 16:53:48 -0500
Robert J. Hansen articulated:
> Maybe I have a darker view of human nature than you do, that's
> certainly possible, but I think it's a critical mistake to apply
> rational-actor theory to criminals. (It's just as critical of a
> mistake to apply rational-actor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2/1/2012 04:53 PM, Robert J. Hansen wrote:
> Easily forged, and machines are too easy to compromise. This idea that
> an IP address is clear and convincing evidence of origin is absolute
> bonkers. An IP address is evidence of *routing*.
Must y
On 2/1/12 4:29 PM, Christopher J. Walters wrote:
> However, I disagree with your statement that there is no way to
> check: one can check the headers of each message to see from where
> they originated.
Easily forged, and machines are too easy to compromise. This idea that
an IP address is clea
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2/1/2012 03:45 PM, Robert J. Hansen wrote:
> Except that it doesn't. What's to prevent me from creating a
> certificate with your name and email address and making posts in your
> name, with a signature from a certificate that claims to be yours?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/02/12 21:12, Doug Barton wrote:
>>> Nothing -- and that signature is every bit as credible as the
>>> one that's from your own certificate. You might say, "but
>>> that certificate's a fraud, my certificate's real!", but the
>>> Christopher Wal
On Wed, 01 Feb 2012 15:45:05 -0500
Robert J. Hansen articulated:
> Except that it doesn't. What's to prevent me from creating a
> certificate with your name and email address and making posts in your
> name, with a signature from a certificate that claims to be yours?
>
> Nothing -- and that sig
On 02/01/2012 13:05, gn...@lists.grepular.com wrote:
> On 01/02/12 20:45, Robert J. Hansen wrote:
>
>>> On the issue of signing: I do sign my messages, and have
>>> uploaded my public keys to key servers, so they are available to
>>> check that no one has changed my message.
>
>> Except that it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/02/12 20:45, Robert J. Hansen wrote:
>> On the issue of signing: I do sign my messages, and have
>> uploaded my public keys to key servers, so they are available to
>> check that no one has changed my message.
>
> Except that it doesn't. What
On 2/1/12 3:34 PM, Christopher J. Walters wrote:
> On the issue of signing: I do sign my messages, and have uploaded my
> public keys to key servers, so they are available to check that no
> one has changed my message.
Except that it doesn't. What's to prevent me from creating a
certificate with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I thought I would start a new thread because of the thread confusion. I first
want to say that I use Enigmail with Thunderbird, and check the To: and CC:
lines of any replies before I send my reply to any list, to avoid people
receiving unwanted pri
12 matches
Mail list logo
