On Wed, Jul 10, 2002 at 03:01:00PM -0400, andy@xecu.net said: [snip]
Signing post means only that you know with some certainty the bozo to hold responsible. I want to own up to my bozoesk, arrogant and stupid ramblings.
Ah, and that's where the arrogance comment came from. You assume that the members of nanog care. I'm not trying to call you an arrogant person, and I recognize that you're not being blatantly arrogant, it's more of a passive assumption. The passive assumption is that your words are important enough that somebody might want to verify them. So, does EVERY email need to be pgp signed?
If it's important enough to post in the first place, it's worth taking the minimal effort required to sign it. I cannot understand the source of the surprisingly vehement reaction against the PGP/MIME standard and PGP signing in general. I would have thought this audience, at least, would understand the importance of promoting the use of cryptography in general. Perhaps I was being naive.
When was the last time somebody on this list bothered to check the validity of a pgp signed message which they received via nanog?
Every single one that's signed, I check. But then, my MUA does it automagically. [Content-type: text/political] It's just Good Standard Practice. It frequently takes a while for the slower vendors to catch up to standards, but in this case, I think it's a good idea to push the vendors as much as possible towards adoption of support for the OpenPGP standard and strong crypto in general. It may not be personally important to every person for every message at this point in time, but the more common crypto is, the less likely we are to find it de jure or de facto outlawed. The legal history of crypto in the United States, if nowhere else, should provide incentive in this area. -- -= Scott Francis || darkuncle (at) darkuncle (dot) net =- GPG key CB33CCA7 has been revoked; I am now 5537F527 illum oportet crescere me autem minui