-----BEGIN PGP SIGNED MESSAGE-----
On 2/1/2012 04:38 PM, Robert J. Hansen wrote: > I have referred to this paper probably five times or more on this list
> and other lists. I really wish people would read it. I'm getting tired
> of answering this -- it's my least-favorite OpenPGP-related question.
> Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly. Secrecy,
> Flagging and Paranoia: Adoption Criteria in Encrypted Email. Proceedings
> of CHI 2006 Conference on Human Factors in Computing Systems, 2006.
I have read the abstract, and admit that I only skimmed the rest of that
paper. I find that it is only really talking about the use of public key
encryption of messages, and the human factors that lead to the decision of
whether or not to encrypt messages.
That is a separate topic from actually signing your message with your secret
key - and is not terribly germane to public mailing lists. Since the list
owner would have to deem it worth the trouble to generate a key pair for the
list AND collect the public keys of each subscriber, and use software that
will be able to decrypt messages sent to the list, and re-encrypt them to
each subscriber. This would not significantly improve security in such a
forum, and would increase the load on the system that processes mail for the
To clarify, by "public mailing list", I mean that anyone can join it and post
to it. A private mailing list would mean, in this context, would be an
"invite-only" list, where one would have to be known to the list owner and
specifically invited to join.
Signing, OTOH is a personal choice of each subscriber. Those who choose to
do so can do so, and those who do no choose to do so, do not.
Christopher J. Walters
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120201-0, 02/01/2012
Tested on: 2/1/2012 5:02:50 PM
avast! - copyright (c) 1988-2012 AVAST Software. http://www.avast.com
Gnupg-users mailing list