Jeremy Blosser wrote:
>
> a) live in a world where no one has locks on their doors, except for
> the very few people that know how to build their own lock from scratch
> and check it every morning for any scratches to indicate someone tried
> to break in, and the robbers just skip those and go ro
On Feb 02, Stephan Seitz [[EMAIL PROTECTED]] wrote:
> On Fri, Feb 01, 2002 at 03:36:13PM -0600, Jeremy Blosser wrote
> > Neither of these are necessarily true. HTTPS is a good example.
> > Most ebay and amazon users have no idea of any of the technical
> > issues involved with using SSL, but beca
Hi!
On Fri, Feb 01, 2002 at 03:36:13PM -0600, Jeremy Blosser wrote
> Neither of these are necessarily true. HTTPS is a good example.
> Most ebay and amazon users have no idea of any of the technical
> issues involved with using SSL, but because they use it anyway,
> their communication is more s
Jeremy Blosser wrote:
>
> Neither of these are necessarily true. HTTPS is a good example. Most
> ebay and amazon users have no idea of any of the technical issues
> involved with using SSL, but because they use it anyway, their
> communication is more secure than it would be without it. And be
On Feb 01, Mike Schiraldi [[EMAIL PROTECTED]] wrote:
> [2] I guess this is where we disagree - you seem to think that there is
> little overlap between "the set of people who care about email security"
> and "the set of people who good mailers" .. i think there is a lot.
No, I think that
> 99% of the people i correspond with simply don't care, so i generally
> don't bother to encrypt or sign my communications with them.
99% of the people don't care about good passwords, but we still force them
to pick good ones.
99% of the people don't care about secure http, but amazon.com stil
On Feb 01, Will Yardley [[EMAIL PROTECTED]] wrote:
> yeah i think the issue is not so much of technical sophistication
> (although that's an issue too) as of the fact that most people Don't
> Care.
>
> 99% of the people i correspond with simply don't care, so i generally
> don't bother to encrypt
Thomas Roessler wrote:
>
> I'm right now trying this:
>
> send-hook ~A "set smime_sign_command=\"openssl smime
> -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER\""
> send-hook ~l "set smime_sign_command=\"openssl smime
> -sign -signer
> The people you are likely to coorespond with that wouldn't be able to take
> advantage of it would also likely not need to, either because they didn't
> know enough to care. [...] Thus you could continue to communicate with all
> people the way you want, without imposing unneccessary expectation
On 2002-02-01 14:32:20 -0500, Mike Schiraldi wrote:
>I could attach just a signature and leave out the certs when
>sending to certain mailing lists (using a hook to change
>smime_sign_command to toggle OpenSSL's "--nocerts" switch).
>However, this only decreases the smime.p7s size (after base6
Jeremy Blosser wrote:
> On Feb 01, Mike Schiraldi [[EMAIL PROTECTED]] wrote:
> > Part of the problem with PGP is that only "people that know enough
> > to care" use it. My goal is to be able to communicate securely and
> > privately with everyone -- even Outlook and Netscape users.
>
> The peopl
On Feb 01, Mike Schiraldi [[EMAIL PROTECTED]] wrote:
> > It would only work among mailers that knew how to use it, but many people
> > that know enough to care about this are going to be using a decent mailer.
>
> Part of the problem with PGP is that only "people that know enough to care"
> use i
> It would only work among mailers that knew how to use it, but many people
> that know enough to care about this are going to be using a decent mailer.
Part of the problem with PGP is that only "people that know enough to care"
use it. My goal is to be able to communicate securely and privately
On Feb 01, Mike Schiraldi [[EMAIL PROTECTED]] wrote:
> > To me the ideal solution to the bandwidth issue would be a system that
> > allowed you to send the whole key with the sig to certain people, and let
> > people request it from key servers in other cases (mailing lists).
>
> I could attach j
> Mike and I were discussing this in private mail earlier this week... I'm
> sure he'll have his own things to add, but after talking with him this is
> my take on it:
That was a pretty good summary. If anyone wants to know more, feel free to
ask me off-list.
> To me the ideal solution to the ba
On Feb 01, Volker Moell [[EMAIL PROTECTED]] wrote:
> Mike Schiraldi wrote:
> >
> [...]
>
> Just a question: Is it really necessary to attach at each message the
> smime.p7s file (your signature or so)? It has always about the 10th size
> of your underlying posting, so it increases the size of you
Mike Schiraldi wrote:
>
[...]
Just a question: Is it really necessary to attach at each message the
smime.p7s file (your signature or so)? It has always about the 10th size
of your underlying posting, so it increases the size of your posting way
much.
What is it for at all? Why is this (I think)
Mike Schiraldi wrote:
> > presumably the private key should be 0600, and maybe the directory
> > 0700?
>
> The directory should be 0700 -- did you use the script's "init"
> command, or make the directories yourself? If you used "init" and it's
> not 0700, let me know.
yeah i created the directo
> presumably the private key should be 0600, and maybe the directory 0700?
The directory should be 0700 -- did you use the script's "init" command, or
make the directories yourself? If you used "init" and it's not 0700, let me
know.
Just to be safe, i just sent Thomas a patch which sets umask 07
so i am trying to learn a bit about s/mime and i've been playing around
with s/mime support in 1.5.0.
i used the smime_keys.pl script to import my keys. should this file be
setting the default permissions on my private key thus?
zugzug% ls -al d4cbff8d.0
-rw-r--r--1 william wil
20 matches
Mail list logo
