1994-12-02 - Re: Authentication at toad.com: WTF?
Header Data
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: cypherpunks@toad.com
Message Hash: c1ee616eaa1ca8dbd37902c634810ff1bcaefae72246e5fe86538eb58daa890b
Message ID: <9412010625.AA17536@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1994-12-02 07:39:35 UTC
Raw Date: Thu, 1 Dec 94 23:39:35 PST
Raw message
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 1 Dec 94 23:39:35 PST
To: cypherpunks@toad.com
Subject: Re: Authentication at toad.com: WTF?
Message-ID: <9412010625.AA17536@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MATERIAL-----
> On Wed, 30 Nov 1994, The new cypherpunks signature checking agent wrote:
> > The below message was found to have a valid signature from "JEFF LICQUIA (CEI)
> > " JLICQUIA@mhc.uiuc.edu.
Apparently it was a spoof, but whatever. I'd be really bugged by
the security implications of software claiming to have validated
signatures; software that complains about bogus sigs is fine,
since if it's spoofed it's only a warning, and if the warnings
are deleted your trust is still somewhat limited unless you've verified
the signatures yourself. Trusting someone else's verification
is less than ideal security policy :-)
Bill
-----BEGIN PGP SIGNATURE-----
Pgp-version: 32767
uhohovhoehvohfvoihvhoviheoivhefoivhefohvefohv
jhjhohhuhvuhiuhewiuvhiuhfveiuhefviuhevhevhvhh
-----END PGP SIGNATURE-----
Cypherpunks signature checking agent: It's valid - trust me!
Thread
Return to December 1994
- Return to “eric@remailer.net (Eric Hughes)”
Return to “wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)”
- 1994-12-02 (Thu, 1 Dec 94 23:39:35 PST) - Re: Authentication at toad.com: WTF? - wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
- 1994-12-02 (Fri, 2 Dec 94 07:22:31 PST) - Re: Authentication at toad.com: WTF? - eric@remailer.net (Eric Hughes)