[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: mailing list pgp signatures...



Steven W. Orr wrote:
> On 07/13/09 14:21, quoth Mikkel L. Ellertson:
> 
>> You know, there is a simple fix to this - someone that has G's
>> public key could upload it to a keyserver. <evil>Now, if someone
>> wanted to be nasty, they could upload a fake public key with his
>> email address. Then if there is anything to SPAMmers mining the
>> keyservers for e-mail addresses, the would get the flood of SPAM
>> anyway.</evil>
> 
> Two wrongs don't make a right. Another established part of the etiquette is to
> never upload someone else's key without explicit permission. Lots of
> keyservers don't do subkeys and you don't really have the implicit permission
> to overwrite signatures on those machines. To do so would be at least as rude
> as not publishing a public key that's needed to verify a signature in a public
> mailing list.
> 
If your mail setup is anything like mine, there is an option to
upload public keys. While I am fairly sure I wouldn't make the
mistake of uploading his key, I can see it happening. Because I do
not have his public key, at least I can not be blamed for doing it.

As far as uploading a fake key, will interesting to contemplate, I
wouldn't actually do it. I am just a bit more responsible that that.

Though I am starting to wounder why I adhere to proper net
etiquette. It seams like fewer people are following it, and if you
point out proper net etiquette, you get branded a LIST NAZI or TOP
POSTING NAZI. I guess it is a crime to ask others to be polite and
follow community guidelines.

My post was half serious, half joking. Kind of a hint about where
throwing out net etiquette can lead. After all, if all of us decided
that net etiquette didn't apply to us, then behavior I posted would
be just as acceptable as G's.

Mikkel
-- 
Culture dies when you can't see it,
build on it, be affected by it,
share it with your friends.

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]