Re: Sign-or-delay

[wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)]

-----BEGIN PGP SIGNED MESSAGE-----

Eric Hughes writes

> I am still considering the "sign-or-delay" proposal for the toad.com
> server, that is, sign your articles to the list or they'll be delayed
> and eventually rejected.

Well, it's easy to require people to include PGP signatures.
However, for some people, it's difficult to do signatures in a
secure and also convenient fashion across a mix of mailers;
Tim's netcom+Mac example, or anyone using an insecure system.
My laptop where I get my work-related mail really can't handle
the volume of mail I get from cypherpunks; I'm using it as a
terminal to talk to a netblazer to telnet to a Sun where I still
have an account several gateways away, on which I haven't been
root for over a year...  Sure, I forward some of the interesting
mail to the not-very-diskful laptop, and could wait for it to arrive
and PGP-sign my replies, which will delay my articles anyway.
On the other hand, if I sign them here, half of AT&T could probably
grab the passphrase with a sniffer, so it's not something I'd
trust my real keys to.  Similarly, I wouldn't put real keys on 
netcom or other mass service provider.

On the other hand, how carefully were you planning to make your
system check signatures - does toad.com have the spare cycles
to validate them all, or are you really going for syntax only?

		Thanks;  Bill


-----BEGIN PGP SIGNATURE-----
Version: 3.2beta

AjtHiSiSnOtAsIgNaaTuretHiSiSnOtAsIgNaaTuretHiSiSnOtAsIgNaaTurexZ
ITsBoGustHiSiSnOtAsIgNaaTuretHiSiSnOtAsIgNaaTuretHiSiSnOtAsIgfoo
ReAlLyTrUsTmetHiSiSnOtAsIgNaaTureLouisFreehWasHeretHiSiSnOtAsIgN
tAsIgNaaT
-----END PGP SIGNATURE-----