Re: Update on mail bombing threats--not so funny
-----BEGIN PGP SIGNED MESSAGE----- At 07:09 PM 1/10/97 -0800, Dan Busarow wrote:
So in order to post to nanog you would have to have your PGP key signed by NANOG or the list operator or another entity trusted by all. How do you establish trust for that signing?
Having a key-signing party at the upcoming NANOG is a good place to start.
The Usenix key signing is a good model for techie types, but we are the minority. How would the great unwashed have their keys signed? Besides, I like being able to post without having to attend a NANOG meeting though I could live with the restriction.
Strong crypto for the masses! For what it's worth, the same model holds true for meetings of the IETF; Ted Tso has been organizing key-signing parties that are held one evening during IETF week. - - paul -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMtcOs5RLcZSdHMBNAQF8HQQAi+p3dsTucTTXPD7tMvNIUFn3DKgBTjjX JExLVyCojuq2fIIWRAlS/o14Rqy7nQK4aULDVo07Gz1jIpTygJLyOPT44XsozFAz IvgVdpS0np11u422mxQ+NMG72pIJyyucZSQq2FzLVidleChnWcBqysQsb2/JP+BO jej9ymeAjNA= =E37p -----END PGP SIGNATURE----- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAiuk0/8AAAEEALqlLc+x9lmgiJCRSpu/aPhQdi0hMjwiGlN2B/GJQqgZPhTb pR+u5/blGogqT+WwcXZ2XfEdIV19FrJY4BXGGn4+4TjdVN3XuuCHuueoygBAmOQD IloU6SJuDqJa0kFA5X/i/1ELn86I5+8A4Hx88FiYJIVUBR6SApRLcZSdHMBNAAUR tCJQYXVsIEZlcmd1c29uIDxwZmVyZ3Vzb0BjaXNjby5jb20+ =p8D4 -----END PGP PUBLIC KEY BLOCK----- -- Paul Ferguson || || Consulting Engineering || || Herndon, Virginia USA |||| |||| tel: +1.703.397.5938 ..:||||||:..:||||||:.. e-mail: pferguso@cisco.com c i s c o S y s t e m s
-----BEGIN PGP SIGNED MESSAGE----- On Fri, 10 Jan 1997, Paul Ferguson wrote:
At 07:09 PM 1/10/97 -0800, Dan Busarow wrote:
So in order to post to nanog you would have to have your PGP key signed by NANOG or the list operator or another entity trusted
Having a key-signing party at the upcoming NANOG is a good place to start.
No doubt, but it doesn't address the problem that started this thread. Yes, spreading the use of PGP is a good thing, but I don't see it as a tool to fight spam or, more importantly, spam terrorisim. Not in the near term anyway.
Strong crypto for the masses!
But of course :) If we can deploy it widely enough. We encourage all of our clients to use PGP.
For what it's worth, the same model holds true for meetings of the IETF; Ted Tso has been organizing key-signing parties that are held one evening during IETF week.
The point I was trying to make was that most on-line groups don't have real life, face to face meetings. They can't implement the key signing model. Maybe requiring signed posts wouldn't be that bad of an idea. While the policy wouldn't solve anything right now it could serve as an example. Hmm Dan - -- Dan Busarow 714 443 4172 DPC Systems dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMtcxabWobIiO1AA9AQEZgwP/dtxykrfT3YTrabR7DpwWNavLN/DHukda LqqpdhiutG0U7hWFR9m+Ecw6OrW8t19jb4tUvi4i/VutRSr5TIRPdIHMohBFxxbb 4XsoWGYQCgM9J0HrdM2L/TGKwV5vXQHnzNKCqacOpLX5UdjJ5ZhtG9FGBFy4W95e KqGrczae/ro= =F3sT -----END PGP SIGNATURE-----
participants (2)
-
Dan Busarow -
Paul Ferguson