[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Need PGP-awareness in common utilities




-----BEGIN PGP SIGNED MESSAGE-----

<flame="medium">
<!-- thin-skinned, insecure people don't read this.  If you are
taking medication or are a pregnant woman, consult your doctor
before participating. -->


I just got a letter back from [email protected] 
because my easy-PGP script had clearsigned my outgoing message
to it, and majordomo didn't know what to do with the clearsigned
message.


I really don't see why programs like majordomo, UseNet
moderation-bots, and most noticeably the PGP key distribution
program are PGP-unaware.


Okay, fine.  Having waited for FIVE YEARS or however long it has
been, you who are responsible for such handy dandy programs may
now convincingly argue that you might as well wait for another
few months to get PGPlib.  But I sincerely hope that once PGPlib
arrives we don't wait another five years before using it.


(There is another argument that people sometimes make-- that
it is too complicated to ensure pubkey<->True Name.  SO WHAT!  
Pubkey<->True Name mapping is an advanced feature that depends
upon the existence of some kind of public key infrastructure.
Many people, myself included, wouldn't even USE pubkey<->True
Name mapping if we had it!  Just implement some basic
privacy/authentication functions (trivial, using PGP 2.6 under
Unix) and MitCH be damned!  If we had started with the simple
stuff five years ago we might HAVE a complete, secure
infrastructure by now.)


As an example of this sad state of affairs, no less of a
cryptographic enthusiast than Robert Hettinga runs a mailing
list (several actually) which breaks every PGP clear-signature
that it encounters.


Really pitiful, that even our own mailing lists are incompatible
with PGP.


Regards,

Bryce

PGP sig follows:  [If you see garbage beyond this line, it means you are an 
anachronistic troglodyte.  If you see a "PGP sig okay!" it means you are hi-
tech.  If you see "PGP sig not okay!" it means some mail-handling software 
between me and you is written/maintained by anachronistic troglodytes.  :-)]

</flame>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2

iQB1AwUBMd5l40jbHy8sKZitAQHZZAL7BUlItvGLZaTfBgTORFATkPM141R0P6Ux
mOkQY3IG0/Vmf9nJEOg8bubdaCuYmuVCJhAek6boyQsmd6VTxqxVChniSWN1Uhth
Ony1VSmufCdeqFbCGBqcAM5rfF8KM49h
=9obd
-----END PGP SIGNATURE-----