ietf
[Top] [All Lists]

Re: digital signature request

2004-02-25 13:34:34


On Wed, 25 Feb 2004, Dave Aronson wrote:

On Wed February 25 2004 09:53, John Stracke wrote:

 > Dave Aronson wrote:
 > > Requiring digsigs on a list would help cut down on spammers forging
 > > list members' addies to spam "only members can post" lists.
 >
 > Not necessarily.  Spam viruses would then start collecting people's
 > private keys.

Theoretically possible, but at least it would significantly raise the
bar.  Also, I would suppose that the people who use digsigs (at least
with the current level of difficulty) are mostly clueful enough to
avoid most viruses!  B-)

It also supposes that the private keys aren't protected with a passphrase.
The applications I use which use a pp key pair insist on a pass phrase.
Such protection will make bothering to collect private keys quite a bit
less interesting.

Dave Morris