From: "JEFF LICQUIA (CEI)" <JLICQUIA@mhc.uiuc.edu>
Date: Wed, 30 Nov 94 13:40:11 PST
To: "L. Todd Masco" <cactus@hks.net>
Subject: Re: Authentication at toad.com: WTF?
Message-ID: <MAILQUEUE-101.941130153654.608@mhc.uiuc.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> From:          "L. Todd Masco" <cactus@hks.net>

> Does the idea of having the list software check signatures strike
> anybody else as a Bad Idea?  Signatures should be checked locally
> by the recipient -- otherwise one might as well ask the sender to
> include a statement stating whether or not a message is authentic
> and should be believed.  I wouldn't want to see cypherpunks being
> used to propogate this false security -- majordomo can no more be
> trusted, as an external agent, than a message's sender.

It is a LITTLE more secure than trusting the message sender.  After all, 
the cypherpunks sig checker would be an independent party.  Sure, if Eric 
decided he didn't like someone, he could hack the sig checker to always 
reject that person's signatures; on the other hand, he could hack the list 
server right now to reject people's posts outright.  As long as it were 
recognized as an "outside authority" (with proper disclaimers), I think 
it would be useful.  At the very least, one would always have the option 
of checking the sig also.

The problem is that checking the digsigs of everyone posting to the list 
is pretty tedious and time-consuming; consequently, the sigs generally go 
unchecked.  I think they still hold a benefit both as spoof/fraud 
insurance and as an evangelism tool (a fact I have just today been 
reminded of).  Another good argument for "automatic" crypto in news/mail 
readers!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLtzwSTER5KvPRd0NAQEHBwQAmM9Gk7q6Ieh/QAw+2ardAgMrhUJWLVpG
FByPwJGhm/OIvya6Bx+A1en9eTvatL2CwScXaLQiatBqOy7Zxlh1Edv5FUFlONqV
ShsZ8G9LOldYfqqI5Q0ifTh9uWEZLIfxb6AW7ZqwoDTHvtthoVhdyy4gucf3Dp41
FssfdkqoFJw=
=nziF
-----END PGP SIGNATURE-----