Re: Digital Sigs (was IS: ATTN: List Mom: Unnecessary smime attachments)
Re: Digital Sigs (was IS: ATTN: List Mom: Unnecessary smime attachments)
- Subject: Re: Digital Sigs (was IS: ATTN: List Mom: Unnecessary smime attachments)
- From: Sander Tekelenburg <email@hidden>
- Date: Tue, 14 Sep 2004 02:30:21 +0200
At 16:48 -0700 UTC, on 2004/09/13, John W. Baxter wrote:
> On 9/13/2004 15:59, "Sander Tekelenburg" <email@hidden> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>
> Well, this is an alternative way to send signed messages. It's not s/mime.
> (It is the way I do it on the rare occasions when I send a PGP signed
> message.)
Right. s/mime has its advantages, but simple in-line sigs are more backwards
compatible and thus create less of a hassle. The downside is that inline sigs
cannot be automated very well.
> I redirected your message from Entourage, where I read mailing lists but
> where I didn't remember having bothered to set up PGP capabilities, to an
> account I read with Apple Mail.
>
> And I asked Apple's Mail program to verify the signature...it went out and
> got your public key and said the message was good.
Yep. Looks like this list server leaves the body of messages intact. Good.
> Then I checked the Script menu in Entourage, and found that I had set up the
> PGP scripts. PGP (PGP 8.0 commercial from PGP Corp) told me
> *** PGP SIGNATURE VERIFICATION ***
> *** Status: Good Signature from Invalid Key
> *** Alert: Verify signer's key before trusting.
> *** Signer: Sander Tekelenburg <email@hidden> (0xD782A29D)
> *** Signed: Monday, September 13, 2004 3:58:51 PM US/Pacific
> *** Verified: Monday, September 13, 2004 4:43:08 PM US/Pacific
>
>
> I suspect by "invalid key" it means that I haven't told it I trust the key,
That's correct. Just for fun you could tell PGP to trust my key and validate
tyhe same message again. It'll then say just "*** Status: Good Signature" I
believe. (Depends a bit. More settings can play a role here.)
[...]
> But as I say, this is a different signing method than we've been discussing.
Depends on your definition of "we" ;) John Welch and me had already moved
beyond that, discussing the use of digital sigs as such, regardless of s/mime
or another technique (I changed the Subject header to indicate that). My
point was to demonstrate that a digital sig _in general_ can be useful even
when it is forwarded through some third party (Apple's list server in this
case).
I do agree that it is rather annoying to be receiving sigs as attachments
when one's mail client doesn't do better. But as I consider digital sigs
useful and something that should be more common, I myself am willing to put
up with the nuisance. Just all the more reason to go bug Steve Dorner about
this yet again ;)
--
Sander Tekelenburg, <http://www.euronet.nl/~tekelenb/>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Applescript-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden