From owner-freebsd-current@FreeBSD.ORG Tue Sep 29 18:00:13 2009 Return-Path: Delivered-To: FreeBSD-Current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6B09710656C1 for ; Tue, 29 Sep 2009 18:00:13 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.freebsd.org (Postfix) with ESMTP id 6002C8FC1D for ; Tue, 29 Sep 2009 18:00:12 +0000 (UTC) Received: (qmail 29089 invoked by uid 399); 29 Sep 2009 18:00:11 -0000 Received: from localhost (HELO foreign.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 29 Sep 2009 18:00:11 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <4AC24B28.603@FreeBSD.org> Date: Tue, 29 Sep 2009 11:00:08 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.23 (X11/20090822) MIME-Version: 1.0 To: "J. Hellenthal" References: In-Reply-To: X-Enigmail-Version: 0.96.0 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Current , FreeBSD Stable , FreeBSD Ports Subject: Re: Signing Request X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Sep 2009 18:00:13 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 FYI, cross-posting to more than one list is discouraged. J. Hellenthal wrote: > On Wed, 23 Sep 2009 11:40 -0000, jhellenthal wrote: > >> >> If you do not need to pgp/gpg sign email message to the lists please >> don't. I think a lot of people would define "need" differently than you do. Part of being on a public mailing list is dealing with traffic in formats that you don't necessarily like or would choose to use. The robustness principle fits here, "Be liberal in what you accept, and conservative in what you send." >> I know I probably don't have your pgp public key and a lot more >> users probably do not either. There are ways to address that problem. I see that you're using Alpine, not sure what you're using for PGP in association with that. My own mail/pine-pgp-filters port works quite well for this purpose. You can also include the following in your gpg.conf: keyserver-options auto-key-retrieve which will retrieve the keys for you without intervention. (FWIW, I also recommend the options no-include-revoked, import-clean, and export-clean.) Personally I keep the keys that I care about in their own keyring files, and allow the "random" keys to be imported into pubring.gpg. That way I can nuke that ring, or keys on it any time and know I'm not losing anything important. I'll leave that configuration as an exercise for the reader. :) > If I do not have your public key in my keyring then I do not want it, do > not need it and have no use for it at this time. This keeps my keyring > small and manageable. Well yay for you! :) However explaining your reasoning isn't making you sound any more reasonable. The "public" part of "public key cryptography" is often messy, you need to learn how to deal with it. hth, Doug (who signed this message so everyone would know it's from me, no tweak intended) - -- This .signature sanitized for your protection -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) iEYEAREDAAYFAkrCSygACgkQyIakK9Wy8PvZBQCcCSp1KEprBdrmG2nN4HZCkxA2 4GAAoPVZN5OXxsDjYzNtVOd3IAvBYQ08 =fRlR -----END PGP SIGNATURE-----