Digital Signing (Beat The Dead Horse) was Re: Free Software for m$

plug-discuss@lists.plug.phoenix.az.us plug-discuss@lists.plug.phoenix.az.us
Thu, 26 Sep 2002 14:39:58 -0400


So, what email do you trust?  You don't trust email with a signature because
it is an attachment but you do trust all email without an attachment?  Or you
don't trust any email?  I don't understand your position.

Perhaps an example would help me.  I have sent this email through the list. 
Suppose it had important information that you wanted to act on if you could
trust that the message really came from me.  What would this email need with
it or outside of it (phone call, whatever) that would cause you to trust the
email and act on the contents?

Alan

On Wed, 25 Sep 2002 09:59:39 -0700 Thoreau <thoreau@supportbeam.com> wrote:

> I see an attachment, if I don't know what it
> is, the message is deleted.
> The message better have a damn hefty
> description for me to even consider
> opening it. I do not need a signature to tell
> me wether or not to open a
> file. Common sense, and even an up-to-date
> virus scanner can do wonders for
> keeping you safe.
> 
> Suppose someone gains unauthorized access to
> Derek's machine?  That person
> could send out anything they want, signed, and
> I would be putting my faith
> in that signature?  Not likely.
> 
> Thoreau
>