[H-GEN] Key-signing at Humbug: Saturday, 1st March 2003

Sat Feb 22 22:18:58 EST 2003

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

+0Ny BilbRough <mtbilbro at bigpond.net.au> writes:

Hey, Tony:  The Mozilla 1.0 setting to stop top-posting is under
Edit->Preferences->Mail & Newsgroups->Composition.  I'm sure you can
find the relevant setting for Netscape 4.5, right?

Thanks so much.

> I'm afraid that I, as did Harry, wandered down those pages Greg
> suggests.  And came out the other side just as ignorant.  Lacking
> Harry's courage to exhibit my stupidity, I asked Snowy.  I am now a
> little wiser about the aims, but not an awful lot.

Well, I'm sorry to say so but cryptography is complicated.  These
days, when someone asks me about it, I only delve into an explanation
if I can see any evidence they'd be able to use the software
properly.

The very basics of the idea are that two parties may wish to
communicate in private (necessitating encryption) and/or know that a
message has arrived unaltered and is from who it says it is from
(authentication).  Public-key cryptography like GnuPG and PGP can
provide this functionality, but it requires care and a thorough
knowledge of what's going on.

I certainly would *not* recommend that anyone create a keypair unless
they know what they are getting into, and *certainly* not at at
keysigning (although I'm pretty sure HUMBUG's has already taken
place).

> I have little paranoia, and even less need to hide my activities -
> as yet!

And there's the rub---this isn't something you can set up on the spur
of the moment---you need to have your key created ahead of time, and
to have had it signed by other people (so whoever you're communicating
with can have some trust that your key belongs only to you).
Otherwise it is utterly useless.

> Harry, I just wanted to be a part of this signing because it seemed
> like fun.  But in all honesty I really do not understand the NEED
> for all of us to have gnupg.

These two sentences say to me more clearly that anything else that you
are not ready to create a key or have such a key signed by anyone.
I'm sorry that sounds harsh, but it's the awful truth.

> Unless its to dominate the market with an Open Source application,
> so keeping Redmond out?

Cryptography is for everyone.
-- 
``I may have agreed to something involving a goat.''  -- CJ

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/