[linux-elitists] OT: new GPG key

Karsten M. Self kmself@ix.netcom.com
Wed Jun 11 22:11:56 PDT 2003

on Wed, Jun 11, 200e at 08:56:24PM +0000, M. Drew Streib (dtype@dtype.org) wrote:
> On Wed, Jun 11, 2003 at 09:52:59PM +0100, Karsten M. Self wrote:
> > I've decided it's time to start signing mail again...
> About time. :)

It's about a lot of things.

Among them, people asking loudly why it is I'm posting my GPG signed
mail rant in unsigned email....

But for this crowd I'll bite.  My current computing situation is that 
I'm using a portable system (not quite a laptop, it's the CappuccinoPC 
Mocha P4), frequently  in untrusted environments as my personal 
machine.  My mailserver sits a continent and an ocean away, and is also 
presumably not fully trusted (though I don't fault Peter at all for any 
of this).  However, for pedestrian threat models (which is to say, 
everyday threeats, snooping, etc., not pedestrians per se, though given 
how distracted I get...  But I digress), the assumption is that some 
protection, overwhelming snooping, or casual impersonation (spam is 
getting truly ugly), this is a useful measure.

In the past, some (notably Joey Hess) have argued *against* casual use
of GPG signatures, partially on the basis that this could create a
presumption of security (I lock my house and my car, I'm under little
illusion that someone moderately motivated couldn't breech these
countermeasures), or possibly lead to known cyphertext or known
plaintext attacks (cryptographically unlikely given my understanding of
the strengs of PKI).  My sense is that for workaday purposes, this s
better than nothing, and more importantly, not worse than nothing.

Other thoughts on this?


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   A guide to GNU/Linux backups:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030612/d6b3c36b/attachment.pgp 

More information about the linux-elitists mailing list