At Fri Jun 27 16:33:17 2003, Robert Strickler wrote:
> I too have large gaps in the operation of PGP, but is it not tied to an > email address or some other publicly available validation of the senders > identity? No. Well, you could use anything as an "email address" in the key - for example, I could create a perfectly valid key as Martin Radford <[EMAIL PROTECTED]> even though the "address" is not valid. It's of limited use, of course, precisely because the "address" isn't usable, but a spammer won't care about that. In many cases on the 'net, you simply don't care about identifying a sender - you just want evidence that the sender of one message is the same as the sender of others. You don't worry about exactly who that person is. > What is the point of using a key for non-repudiation if you can't identify > who sent the message? In many cases, you don't need that identification. Martin -- Martin Radford | "Only wimps use tape backup: _real_ [EMAIL PROTECTED] | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
