[Dshield] E-mail verification request from pgp.com?
jim.mccullough at gmail.com
Tue Oct 11 07:14:52 GMT 2005
A friend of mine used to work for PGP Japan, he stated it was the PGP server
validating email addresses. I can see the business need for it. What happens
if PGP has 100k invalid emails and keys stored :/
On 10/4/05, Kenton Smith <listsks at yahoo.ca> wrote:
> --- Laurent Saplairoles <lsaplai at megassistance.com>
> >I do not remember authorising PGP corp to send
> > me this kind of verification e-
> > mail therefore it is basically spam. There is a huge
> > ethic issue here.
> > Meanwhile, how important is it to have my signature
> > available on the public servers?
> > --
> > Laurent Saplairoles
> > IT Manager
> > www.megassistance.com <http://www.megassistance.com>
> a few places in each that basically says you have
> given them permission to send you email.
> Besides, as far as PGP is concerned (I would guess),
> the key servers are an important part of the whole PGP
> system (the public part). Therefore if changes are
> being made that affect the integrity of the
> application they're going to have to let you know. It
> would be irresponsible of them not to. If there was a
> bug in the PGP app, you'd expect them to send you an
> email would you not?
> I think they've been a little sloppy in this whole
> thing, but unethical? I think that's probably a
> P.S. As far as you needing the key server; the only
> time you'd need it is if you want to receive encrypted
> email from someone you don't know. Or if you sign all
> your email and someone who doesn't have your public
> key wants to verify your signature. (I think that's it...)
> Find your next car at http://autos.yahoo.ca
> Using .Net? Need to know more about .Net Security?
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list