[Dshield] E-mail verification request from pgp.com?
lsaplai at megassistance.com
Mon Oct 3 17:24:46 GMT 2005
On 3 Oct 2005 at 17:18, Bo Nordgren wrote:
> > Signing the Mail is a GoodThing(TM). PGP could have signed their own
> > Mail with their PGP key. That would have been the least to do.
> That would require someone to think about what they were doing and so
> far these emails shows no evidence of inteligent life at PGP corp. :)
> Probably noone thought about it since that would make the emails
> larger and when you are probably sending several thousands of them it
> becomes an issue.
So, does it mean that PGP is out as far as trusted computing goes and I need to find
a new way to digitally sign my e-mails ans encrypt files? What happens when a
company supposed to provide us with a security tool starts to behave like the bad
guy? I do not remember authorising PGP corp to send me this kind of verification e-
mail therefore it is basically spam. There is a huge ethic issue here.
Meanwhile, how important is it to have my signature available on the public servers?
More information about the list