who are you again?
Thu, 2 Aug 2001 12:00:11 -0700
> We've spent some time with keysignings, especially recently, to establish
> our webs of trust. I think that within this group, at least, finding paths
> to people should be _very_ easy, and in fact many are direct signatures.
> I notice that people don't sign their messages though, in sort of a
> 'normal' use of PGP among friends.
I'm one of them. And a semi-newbie.
> ...Just curious, is this because:
> 1) You're using mail client that doesn't easily integrate?
> 2) People complain about the extra funny characters?
> 3) Something else?
A: 3. I find that little delay every time I open a
GPG/PGP signed message a little annoying, and time
consuming when multiplied by n messages every day, and I
guess I don't really want to impose that by default on
others. A fractional second per message it too much for
someone who gets a lot of mail (from lists) and needs to
skim and dispose of messages (and whole threads) quickly.
I could default it to sign just for certain addresses or
to not sign for lists or whatever, but that is a continuing
maintenance cost. If I came across a way to have gpg sign my
messages only if I already have the signature of the
addressee (i.e. use my gpg database as an indicator of who
my friends are), I'd go for that in a minute, tho!
Maybe it's just a mutt thing, but if I could get started
reading the message while gpg goes and checks the signature
in the background, it would make all the difference. Or if
the signatures could be checked at download-time (through
fetchmail/procmail) instead of at read-time(through mutt),
that would do it too. ((download-time checking would also
be helpful for those who read their email offline))
What it would take for this semi-newbie to set up for
signing by default: the time-cost of sig-checking needs
to be made minimal (i.e. don't make me wait to read the
message just because you're checking a sig), and not just
for me: it has to be easy enough that I'd recommend it for
those I send to also.
Thanks for bringing this up.