[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: signing messages

To: "Timothy C. May" <[email protected]>
Subject: Re: signing messages
From: Rick Busdiecker <[email protected]>
Date: Thu, 01 Dec 1994 15:36:20 -0500
Cc: [email protected], Bill Stewart <[email protected]>
In-Reply-To: Your message of "Tue, 29 Nov 1994 22:23:09 PST." <[email protected]>
Organization: Lehman Brothers Inc.
Reply-To: Rick Busdiecker <[email protected]>
Sender: [email protected]

    From: "Timothy C. May" <[email protected]>
    Date: Tue, 29 Nov 1994 22:23:09 -0800 (PST)

    1. Only one person has reported to me that they were unable to verify
    my PGP sig (Lance Cottrell reported this...if others did, maybe their
    messages haven't gotten through to me)). From this I conclude that few
    people check PGP sigs.

A safer conclusion would be that few people report signature failures,
although I suspect that your conclusion is also correct.

I noticed that your message's signature failed, but chose not to
report it.  As I recall, it failed because I didn't have the
appropriate key, although I do have your 0x54E7483F key and the key
that it appeared to be signed with wasn't available from the MIT key
server.

I also noticed Bill Stewart's signature failure on Message-Id:
<[email protected]> -- ASCII armor stripping
failed.

In both cases, I assumed that the sender was trying to spoof the act
of signing and I further assumed that you were more careful to match
the form of a signed message than Bill was.  The fact that you've been
doing some spoofing lately only strengthened by sense that this was
another gag.

Often, but not always, when I see a Bad Signature message I let the
sender know about it.

			Rick

Prev by Date: Re: Warm, fuzzy, misleading feelings
Next by Date: Re: We are ALL guests (except Eric)
Prev by thread: Re: recent voice over data
Next by thread: Is it happening already ?
Index(es):
- Date
- Thread