python developer
Mike Dewhirst
miked at dewhirst.com.au
Sat Oct 1 00:07:35 EDT 2022
On 30/09/2022 3:31 pm, Jan van den Broek wrote:
> 2022-09-29, Mike Dewhirst<miked at dewhirst.com.au> schrieb:
>> This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
> Why?
Good question.
Further to Peter's explanation, email is the primary conduit for
hackers. At this point in time human education and training is the only
defence. The bad guys count on human error because that's what humans
are good at.
If everyone signed their mail and all mail clients defaulted to
expecting signed email from correspondents for whom the public key is
known, some of that defence can be delegated to the computer.
I'm not expecting this any time soon but it doesn't hurt to get the
message out.
Most email activists demand end-to-end encryption and obviously signing
email is part of that. However, my view is that email privacy, while
very important, is an oxymoron. If you need encrypted messages you would
never use email. You would meet under a waterfall.
So the answer to your question is signed email is easy and if it becomes
popular it has potential to defeat hackers.
Cheers
Mike
> [Schnipp]
--
Signed email is an absolute defence against phishing. This email has
been signed with my private key. If you import my public key you can
automatically decrypt my signature and be sure it came from me. Just
ask and I'll send it to you. Your email software can handle signing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://mail.python.org/pipermail/python-list/attachments/20221001/561888f5/attachment.sig>
More information about the Python-list
mailing list