1992-10-13 - Mr. Squirrel? Just who is whom here?

Header Data

From: pmetzger@shearson.com (Perry E. Metzger)
To: hugh@toad.com
Message Hash: b522b87517a2d84b579f40e313b2fa857de956c060f703f320fd96498bfcfd60
Message ID: <9210131550.AA03941@newsu.shearson.com>
Reply To: <9210131201.AA12086@domingo.teracons.com>
UTC Datetime: 1992-10-13 15:58:32 UTC
Raw Date: Tue, 13 Oct 92 08:58:32 PDT

Raw message

From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 13 Oct 92 08:58:32 PDT
To: hugh@toad.com
Subject: Mr. Squirrel?  Just who is whom here?
In-Reply-To: <9210131201.AA12086@domingo.teracons.com>
Message-ID: <9210131550.AA03941@newsu.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: hugh@domingo.teracons.com (Hugh Daniel)

>  A second thing that Hal's comments bring up is that we were reading
>the From: headders and ignoreing the keys.  In good crypto-mail
>readers the key ought to be checked against our own data base of
>others keys and the result added to the hedders as say:
>	KeyCheck: FooBar Bazoid holds this key in XXX database
>or some such rot.  I wonder what is more important, who I claim to be
>in a random message or what key I include...

Anyone can include your key in a random message. If you just sign your
messages, then the whole thing goes away and everyone knows its from
you. PGP allows you to sign messages without encrypting them. The
problem is that most people find using PGP on routine email
inconvenient.

Perry





Thread