1996-01-31 - On the value of signatures (was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit)
Header Data
From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
To: nsb@nsb.fv.com (Nathaniel Borenstein)
Message Hash: 7d7981eb9e778a237a5c4c2f05ae90d79877d5da2085839b8d31ba3f396354c3
Message ID: <960130.060958.4c1.rnr.w165w@sendai.cybrspc.mn.org>
Reply To: <Al3Ie8GMc50e0WY6IN@nsb.fv.com>
UTC Datetime: 1996-01-31 04:53:28 UTC
Raw Date: Wed, 31 Jan 1996 12:53:28 +0800
Raw message
From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 31 Jan 1996 12:53:28 +0800
To: nsb@nsb.fv.com (Nathaniel Borenstein)
Subject: On the value of signatures (was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit)
In-Reply-To: <Al3Ie8GMc50e0WY6IN@nsb.fv.com>
Message-ID: <960130.060958.4c1.rnr.w165w@sendai.cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
In list.cypherpunks, nsb@nsb.fv.com writes:
> I use PGP about 20 times per day. I use it in a manner that is
> *meaningful*. Unless we have in some way or another verified each
> others' keys, it is meaningless for me to sign a message to you.
> Putting a PGP signature on a message to someone who has no way of
> verifying your keys is a nice political statement, but is utterly
> meaningless in terms of adding any proof of the sender's identity. --
You are incorrect. Keys can always be obtained, and signatures can be
verified at any time. But an unsigned message can _never_ be verified
as to its origin.
You may not have my key, but I still sign this message (as I have signed
all my net traffic for over 3 years). I do this to protect the
reputation capital I've built up.
> PS -- On the off chance that anyone really doubts this is me, I will
> shortly send cypherpunks a message that has my own voice AND a PGP
> signature thereupon. That way, you can check my identity if you either
> recognize my voice OR have verified my fingerprint. Sheesh. -- NB
Sheesh, yourself, Nathaniel (if that _is_ your True Name). You're
showing a real attitude here, as though your reputation alone should be
enough to convince us of your messages' validity. A malicious attacker
would be likely to bluster this way to deflect discovery of hir ruse.
We're all nyms on the net. And yours wears no armor.
- --
Roy M. Silvernail -- roy@cybrspc.mn.org will do just fine, thanks.
"Does that not fit in with your plans?"
-- Mr Wiggen, of Ironside and Malone (Monty Python)
PGP public key available upon request (send yours)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMQ4PVhvikii9febJAQHqSgP/YTCBuPGD3yKEGQo6oYzr0gfxIs2MJFCB
xJnSS84g4n6yxSz9u8Ffkq/BHsiRA6eFBuIhLdn0nsMORiEneXGadT+Of9+qvZXA
kfr47lC01uZLfldc8CH5gJG3bc4860nz4z4YhNDW1+3jRkKN2Gzp5V1YWKWvTuIl
kKw4L4ZYZCk=
=rkJ/
-----END PGP SIGNATURE-----
Thread
- Return to January 1996
Return to February 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
- Return to ““Paul M. Cardon” <pmarc@fnbc.com>”
- Return to ““Peter Trei” <ptrei@acm.org>”
Return to “roy@sendai.cybrspc.mn.org (Roy M. Silvernail)”
- 1996-01-30 (Tue, 30 Jan 1996 08:13:11 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Peter Trei” <ptrei@acm.org>
- 1996-01-30 (Tue, 30 Jan 1996 14:28:29 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-01-30 (Tue, 30 Jan 1996 17:25:16 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-31 (Wed, 31 Jan 1996 09:14:15 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - futplex@pseudonym.com (Futplex)
- 1996-01-30 (Wed, 31 Jan 1996 00:38:41 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-30 (Wed, 31 Jan 1996 02:13:17 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-01-30 (Wed, 31 Jan 1996 00:38:41 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-31 (Wed, 31 Jan 1996 12:53:28 +0800) - On the value of signatures (was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
- 1996-01-31 (Wed, 31 Jan 1996 09:14:15 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - futplex@pseudonym.com (Futplex)
- 1996-01-30 (Tue, 30 Jan 1996 23:45:13 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-30 (Wed, 31 Jan 1996 02:13:48 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-02-02 (Sat, 3 Feb 1996 07:07:14 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-02-02 (Sat, 3 Feb 1996 07:40:21 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-02-03 (Sat, 3 Feb 1996 22:26:59 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>