[ale] GPG Key Signing?

Michael H. Warfield mhw at WittsEnd.com
Tue Feb 22 20:12:42 EST 2011


On Tue, 2011-02-22 at 19:53 -0500, Jim Lynch wrote: 
> David Tomaschik wrote:
> > Anyone interested in cross-signing GPG keys either at the ALE meeting
> > or the Linux Freedom Fest Saturday?
> >
> >
> >
> >   
> Why?  I don't communicate sensitive data to anyone on the list?

There are many philosophical points we may debate on this...

* Do you always mail a letter in an envelope?  Why?  You're not hiding
anything are you?  It wasn't all "sensitive" was it?  Why not use a post
card?  It's cheaper.

* If the the only thing I encrypt is something I want to keep secret
doesn't that call attention to it by the very nature that I encrypted
it?

* If everything is encrypted, everything needs to be decrypted to
establish what is interesting (and private) and what is not) and doesn't
that, in and of itself increase the difficulty and the security of the
things we really want kept private?

* If I sign everything (as I do) then I establish my identity over a
long period of years through a preponderance of evidence that it was me.
That's worth some value, wouldn't you agree?

> Jim.

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20110222/fae17156/attachment.bin 


More information about the Ale mailing list