mailing list pgp signatures...

Dennis Gilmore dennis at ausil.us
Sun Jul 12 15:00:23 UTC 2009


On Friday 10 July 2009 05:47:52 pm Mikkel L. Ellertson wrote:
> g wrote:
> > one of reasons that i use a pgp sig is that it maintains my idenity and
> > prevents someone from trying to send an email as me, which has happened
> > on this very list.
>
> How does it maintain your identity when we can not verify that you
> signed the message. Without having your public key, all we know is
> that someone signed the message. So, your signing your messages sent
> to the mailing list does nothing except cause problems for others.
>
> David, one way to solve the problem is to write a filter rule that
> sends g's messages directly to trash.
>
> Mikkel

Last time this came up i set up a filter for the user that was posting with 
signed  emails  with an unposted key after i polietly asked the user to post 
the key and it was rudely refused to do so to send the users email to 
/dev/null   Not posting your gpg key and irritating people who can help you is 
a quick way to make sure that you wont get any help.

Please be nice to everyone and post to a public keyserver your gpg key if you 
intend to sign email.  its a common courtesy. Yes it does not allow us to 
verify that the email was from you since we dont trust your key.  all it does 
is allows us to verify that they key matches what is posted.

Dennis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090712/9029cc44/attachment-0001.sig>


More information about the fedora-list mailing list