On Wed, 24 Dec 2003 04:12:42 GMT,
cdba@cdba.org wrote:
>Bob McConnell <rmcconne@nospam.lightlink.com> wrote:
>
>> A PGP signature, by design, must wrap around the text it is signing.
>> So there is no reasonable way to put it in either the headers or an
>> attachment.
>
>That is simply not true. Pgp can be placed in a mime attachment.

Then how would it sign the text? The header you quote in your
complaints has to be before the text it signs. Maybe the signature
itself can be in an attachment, but the body must have the start and
end markers.

>> But, unlike total encryption, which is frowned upon, signatures
>> are a good thing, and are actually required in some groups, such
>> as the news.admin areas.
>
>A good thing? And why don't _you_ use them then? Pgp actually
>restricts the freedom of the individual who uses it and nobody who
>actually thinks about it would use it unless he or she had no
>choice.

I don't post enough to be a target, yet. Restrict freedom? No, it just
removes some level of anonymity. In this group, that should not be an
issue.

>> More people will begin to use them as the pretenders and
>> copy-cats become more prevalent. It's the easiest way to validate
>> the actual source of any message.
>
>And why does the actual source of any message have to be validated?
>In whose interest is it that the actual source of any message be
>validated? It certainly is not in the interest of the person
>posting the message.

Yes it is. How do you know who posted this message, or that it is even
the same person that posted the previous one? How do I know that each
message I am responding to was posted by the same person? Headers can
be forged as well as any other part of the message. If the discussion
has any real value, the identity of the writers must also have value.
I do not want anyone posting messages pretending to be me, particularly
if they conflict with or attempt to repudiate my own statements. When
that happens, I will start using pgp, or an equivalent signature to
validate which messages are actually from me. That's not to say I will
register with Verisign to publicise my key, but I will provide a means
to validate which messages actually come from me so the forgeries can
be readily identified.

Now if this were in a warez or crack group, I would agree that the
originator would want to maintain total anonymity. But this is not one
of those groups. Here, as in any community, freedom without any
responsibility for your actions leads to anarchy and chaos. Those
other groups have already reached anarchy.

>> I suggest you get used to them. They will become more common in
>> the near future.
>
>Not likely. pgp has been around for a long time and is used by
>far less than .1% of all posters.
>
>cordially, as always,
>
>rm

I have been using BBS, news and email since 1983, and the level of
forged emails and SPAM with forged headers has only become significant
in the past two years. If this trend continues, pgp or something like
it will be absolutely necessary within two years.

But, I prefer to end this on a happier note.

Have a Merry Christmas.

Bob McConnell
N2SPP
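
The two signature layouts argued over in this thread, shown side by side as an added example that is not part of the original post: the OpenPGP cleartext form, where markers in the body wrap the signed text, and the PGP/MIME form (RFC 3156), where the signature travels as a separate MIME part. The function names and both sample messages are constructed for illustration, PLACEHOLDER stands in for real signature data, and the code only separates signed text from signature without verifying anything.

```python
import email

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

def split_clearsigned(body):
    """Inline form: return (signed_text, armored_signature) from a message body."""
    lines = body.splitlines()
    blank = lines.index("", lines.index(BEGIN_MSG))  # armor headers end at first blank line
    sig = lines.index(BEGIN_SIG, blank)
    end = lines.index(END_SIG, sig)
    # Undo dash-escaping: a signed line that starts with "-" is sent as "- -..."
    text = [l[2:] if l.startswith("- ") else l for l in lines[blank + 1:sig]]
    return "\n".join(text), "\n".join(lines[sig:end + 1])

def split_pgp_mime(raw):
    """MIME form: part 1 is the signed content, part 2 the detached signature."""
    msg = email.message_from_string(raw)
    if (msg.get_content_type() != "multipart/signed"
            or msg.get_param("protocol") != "application/pgp-signature"):
        raise ValueError("not a PGP/MIME signed message")
    content, sig = msg.get_payload()
    return content.get_payload(), sig.get_payload().strip()

# Constructed samples; SIG contains no real signature data.
SIG = f"{BEGIN_SIG}\n\nPLACEHOLDER\n{END_SIG}"
CLEARSIGNED = f"""\
{BEGIN_MSG}
Hash: SHA1

Hello group.
- --- a line that begins with dashes
{SIG}
"""
PGP_MIME = f"""\
Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="b1"

--b1
Content-Type: text/plain

Hello group.
--b1
Content-Type: application/pgp-signature

{SIG}
--b1--
"""
```

In the MIME form the first part's body contains no PGP markers at all, while the inline form depends on the reader's software to undo the dash-escaping before the text is checked.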