
Re: The Market for Crypto--A Curmudgeon's View



On Tue, 29 Nov 1994, Sandy Sandfort wrote:

> Here's my suggestion.  Eric should unilaterally impose his first
> step, i.e., all unsigned messages and messages with spoofed
> signatures will henceforth be flagged as such.  Let's see what

Not to point out the obvious or anything, but 99% of the people on this 
list are intelligent enough to tell if a post is signed or not, and a 
spoofed sig can be one of two things: a) the actual sender trying to 
'give a good impression' or 'see if anyone checks', or b) a third party 
trying for whatever reason to mislead people into thinking he/she is 
really somebody else that we know/trust. Situation 'a'? I don't give a 
damn, let them do what they want. Situation 'b'? Well the person they are 
spoofing is likely to yell loudly that they didn't write the post in 
question, and also there have been many times in the past where a signed 
message goes by and a few hours later several people have posted 'did 
anyone else get a bad sig check on XXXXX ?' messages... Why should we 
splatter the list with 'flagged' messages so that the small percentage of 
us who don't (ever) check sigs will have some way of knowing that 
something was signed?  As my father used to say, "The lord helps those 
who help themselves. Let us go now and do likewise." This seems a little 
too much like a bit of net.welfare approaching. Added to that, it would 
be easy enough to hack toad, or somewhere just 'upstream' of toad, and 
edit out the 'bad sig' flags from selected messages, unless toad.com 
signed all outgoing messages after flagging them, which considering the 
list volume would slow that machine down to a crawl. All in all, I think 
it's too much trouble (for the list admins mostly, but also for those who 
wouldn't sign their posts but now feel compelled to do so) for a false 
sense of security. 

Happy Hunting, -Chris.

______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
[email protected]	     | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
cypherpunks         WOw            dCD           Traskcom          Team Stupid
  Key fingerprint =  58 62 A2 84 FD 4F 56 38  82 69 6F 08 E4 F1 79 11 
------------------------------------------------------------------------------