RC1 ... PGP signing ...
Guy Van Sanden
n.b at myrealbox.com
Fri Oct 3 12:57:16 PDT 2003
On Fri, 2003-10-03 at 20:15, Robert G. Waycott wrote:
> My friend just notified me that rc1 is out. I have been working the past
> few days, so was not aware. Now, I wonder if I must reinstall the system
> with an rc1 .iso, or if a CVSup, portupgrade/make world will do?
> Second question: why do many users on the list PGP sign messages? Is
> there something nefarious out there about which I should worry? Is
> PGP-signing really providing a great deal of security?
Although I don't sign my messages to mailing lists, PGP signatures are a
good way to determine if a message really came from the person that the
headers indicate. If you are really sure that a particular key belongs
to someone, than you can rest assure that a message signed by that key
came from the sender (unless he got his private key and passphrase
stolen) *and* that the message arrived unchanged.
You can do a lot of damage by either forging E-mails from someone, or
modifying E-mails (I saw that kind of stuff in my college-days, some
kids send offensive Emails to teachers from other kids addresses).
No PGP signatures should solve this problem.
One cautionary note, PGP/Mime signed mails are not displayed by Outlook
at all (its MIME implementation is a complete mess).
> Esse quam videri,
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions