[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
"Cyherpunks Named Official Signing Authority"
L. Todd Masco wrote:
> Does the idea of having the list software check signatures strike
> anybody else as a Bad Idea? Signatures should be checked locally
> by the recipient -- otherwise one might as well ask the sender to
> include a statement stating whether or not a message is authentic
> and should be believed. I wouldn't want to see cypherpunks being
> used to propogate this false security -- majordomo can no more be
> trusted, as an external agent, than a message's sender.
I absolutely agree.
Having a central "Signing Authority" (analogies with Turing
Authority?) is a step backward. Single-point failures and all that,
vs. the distributed, end-user, local process.
If the intent of a "Compelled Signature" (tm) policy is to get people
used to signing messages, why not get them used to _verifying_ sigs as
well? (I suspect fewer than 1% of all messages have their sigs
checked.)
Very loosely speaking--and with no imputations of motives, ideology,
natch--such a central signing authority could play into the hands of
those on the Net today who are talking about forcing all Net users to
"identify themselves" clearly.
Imagine the P.R. value to these Net.Cops: "But even the Cypherpunks
require all posts to be signed!."
I say we stick to the anarchy which has worked so well.
--Tim May
--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: [email protected] with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay