-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Atom 'Smasher' wrote:
let's say i send an email to my mom, and her MUA recognizes a pgp email header on my signed email. whether the mail was signed manually or automatically doesn't matter, here. anyway, her MUA informs her:
This email includes key information for "Atom Smasher". Would
you like to accept all emails signed by "Atom Smasher"?
that's all it takes. then her MUA creates a key-pair for her, and automatically signs outgoing messages... same thing happens when someone gets a message form her.
OK, I'll argue that you do not even need to see that message in the first place. Why not have her MUA look at recent traffic and say "she has sent e-mail to atom smasher three times. I've seen the same key from atom with a stamp three times. Therefore, let's assume any signatures created by this key is equivalent to a stamp made by atom. no need to bother mom. She has more important things to do."
seriously, the whole notification accept request messages would only serve to confuse and not enlightened. This is not to say you should not keep track of all of this information and making available on user requests but there's no need to throw in their face. Remember that users hate pop-ups of all forms whether they be from Web browsers or from alert boxes in the application.
================
so, the obvious weakness in automatically signing emails is that viruses will steal the key (large keys don't help), and then use it to send mail to everyone in that user's address book.
just as much as they can steal cycles from a users machine (100 addresses is not that much) and send hashcash stamped messages to everyone in your address book.
=================
as an end user, do i benefit more from hashcash or signatures? i ~think~ hashcash is, overall, better. as a bank whose customers are targeted in phishing scams, do i benefit more from hashcash or signatures? i can protect myself much better if a PKI allowed customers to quickly identify if an email is *really* from me... domain-keys and SPF will both help with the problem of forgeries.
hashcash is an introducer. Opportunistic signatures allow for efficient distribution of mail to people who agreed to know each other (individuals and mailing lists). you can never really know if e-mail is "really" from you. They're too many ways for the identity process to be corrupted even if you meet the person face-to-face with appropriate documentation. You have no of knowing it's truly accurate. You need to understand where false information can be injected into the system and if you can corrupt human processes long before you ever go digital, then there is no hope. All you can do is trust people based on repeated exposure.
=================
...atom
_________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 -------------------------------------------------
"The World Bank, IMF, and private banks have consistently lavished huge sums on terror regimes, following their displacement of democratic governments, and a number of quantitative studies have shown a systematic positive relationship between U.S. and IMF/World Bank aid to countries and their violations of human rights." -- Edward S. Herman, economist, U.S. media and foreign policy critic, author of 'The Real Terror Network' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJBMj6vAAoJEAx/d+cTpVciFeMIAKZzSs77yLZFWLwoga8RgWFr 2fxeDWiNYnlaigmmzv5iZVBojzndanrtIFHzJrFGeyP5NKGX983yTjRkqvYKZVMZ MOLkdvG0kKHfUo3leS+ieK8HB7RB4UpDcQBSRIKGEdz2doSsfWZUjK0PucWyxWjK 4nj7QHDtRAsDKzvSUQ6oigxaltUeJIFHf+mpcY8pgQ6gPjyiq5KuWWBX6Q1Tot4I SxWClDuk1QY+mLlfa3cROzGUsXC7Mtb20b7Mu/BwPUAC44jJSkGm6A2GFjYRxUyv g0oZB7fh9RuggnnylzeXWfjW9ghcZLHfUBi4ZPbjWgmqugFRr5pFxnAxUTv2mQ8= =e4I3 -----END PGP SIGNATURE-----