--On tirsdag, juni 03, 2003 16:02:52 -0700 Michael Thomas <mat(_at_)cisco(_dot_)com>
wrote:
It depends on what you mean by signing. Signing a
message in and of itself ought not hurt anything
modulo software bugs, etc. But the real question
is what does the receiving program (MTA, MUA) do
with that signature? At the very least it could
verify the signature, but then what? If it doesn't
verify do you drop it? (transitive trust comes
into play, but most likely). Does it do anything
beyond that?
Let me ask something in return: do you think that
just the act of signing mail -- with no trust
roots implied -- could help? My sense is that it
might in a sow-the-seeds kind of way for some
later goodness (it's as you say not a solution).
I too would be happy to hear downsides.
well... if signing my email would help get rid of the nonconformant mailers
on the path that do perverse stuff that breaks signatures, that certainly
would be a benefit to the world.... verifying my own signature failed....
and here's why:
Original:
--==========1875089384==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Copy:
--==========1875089384==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
The difference matters not at all to anything but a signature verifier.....
sigh.
Harald