On message signing and Enigmail...
Christopher J. Walters
cwal989 at comcast.net
Wed Feb 1 21:34:30 CET 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I thought I would start a new thread because of the thread confusion. I first
want to say that I use Enigmail with Thunderbird, and check the To: and CC:
lines of any replies before I send my reply to any list, to avoid people
receiving unwanted private email from me.
On the issue of signing: I do sign my messages, and have uploaded my public
keys to key servers, so they are available to check that no one has changed my
message. In reply to the concept that it is meaningless, I will say that I
feel that it adds a layer of trust (perhaps more than one, if you have one or
more lines of trust to the poster) that the message was, in fact, posted by the
person signing it, and that person stands behind what they say.
OpenPGP's PGP/MIME vs. S/MIME: I have always used Enigmail with Thunderbird on
Windows, and GNU/Linux systems (I dual boot, so I use both). I do not use
S/MIME, have never done so, do not intend to start.
On inline vs. PGP/MIME signed messages: I post to several lists, forums and
groups. Some strip attachments, by default, and since my signature is sent as
an attachment when using PGP/MIME, it is stripped from my message. Also, some
of my contacts have set ups that automatically strip attachments (e.g. my
signature). Therefore, I decided that it is best for all to use the plain text
only type of posting and an inline signature so that everyone on all lists can
at least verify that I have taken the time to install GnuPG on my system,
generate a key pair with my name and email address, upload my public key to a
widely used key server, and enter my passphrase to sign the message.
Those are my thoughts on this matter.
Sincerely,
Christopher J. Walters
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJPKaHTAAoJEJ6vdel2qM1cWYgP+gKGcm1G3gOjVEFecqfkB4i5
opzYCazldaMcu1qz0TpeXemoZ3sgZ24T+a4i9yHgfPft6rIF6TJu23VLDYQcmUwk
vCMlvNG4gpnfJIEFkIgVqdsMfzbgk6QrQWWMmwoQkiXPL50r65Ar3mZp9ROKjuOo
MgSiURTPu0NodsOzTEiL85ScP4RtnkvPJQd6lPiehrqfazPVeWd+7EGPJEaTkHzR
3IM8j/3ZFYp7emkbvEu94h+kf+IfIzPy0Duow2blZKQ++T4cBDzPFDvqL0QvVXsi
8rSj5xTRFnYPCmaoj/Mbrh8v6P9SVDwD+q3EtVRgknpH6pj8dI3fJRZ0eH1EVGL+
Zq9CZdvCzYF/l+XD37Rz5lc3aXxkRRVSaG2jg+gpk3gwCjubxbrdHZxFPa66rvrU
cY32XTcxMTjiWBtU1p92dHfH6cCrhFnBI/5u8pYD4q5C+PW+1cUxWksdR3Z59AKj
VJIJg58WRKDV5ESEx7MiaWwIaseCJvmx8QdBaG3CaX86+HT7fOHttvmPBuh79mYn
4JIyxuvpzGq8c6dyl3IANlIdPnCq+NsTZJG6IE3jcNFLg4MIMCAFvgQNsr5qVDHl
2373Y/lF58QoDSy+6HD9WR6Sg8fz1J80JnCkzL9GahsJrklhJEdEap5QvZQ0aHt/
69cM9sVJBC0124dE8bTN
=Q1EU
-----END PGP SIGNATURE-----
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120201-0, 02/01/2012
Tested on: 2/1/2012 3:34:31 PM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com
More information about the Gnupg-users
mailing list