[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 08/06/17 12:04, Grant Phillips-Sewell wrote: > On 8 Jun 2017 11:58, "Simon Avery" <digdilem@xxxxxxxxx > <mailto:digdilem@xxxxxxxxx>> wrote: > > Hi Brad, > > That's a fair and reasonable point. > > I'm not convinced it's necessary on a quiet, low traffic and fairly > non-contentious public list like this, however. DKIM does provide > reasonable sending proof (of host if not user) which I would think > would be sufficient against most spoofing attempts. > > I've seen footers used which show where the public key is available, > which obviously has a lot less impact than attaching it to every > message, and should anyone care to check, can be fetched. > > > That - for me - is the downfall of the "PGP/GPG for security" argument. > So person A has attached their PGP/GPG public key to their email so we > know it's them... but only if we check, and I don't know about anyone > else on here, but I don't check. How is it protecting against identity > fraud if nobody checks? > > Grant. > > Well we can do gpg keysigning at events, e.g plymouth Lug meet, tech jams etc, granted that is just a few people, but it is a start. Paul -- http://www.zleap.net diaspora : zleap@xxxxxxxxxxxxxxxx Torbay Tech Jam http://torbaytechjam.org.uk Next Tech jam Saturday 13th May 2017 -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq