[Enigmail] My Bad, Sorry About That

[Faramir]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Phil Stracchino escribió:
...
> Yes, you could just download from the keyserver.  100 list users, 100
> downloads.  At that point you have ...  100 untrusted good signatures.

  OMG... and PKI was supposed to have the advantage of not having to
exchange keys peer to peer (as symmetric encryption requires), but...
well, I suppose maybe each member could get assured by CAcert, and get
their keys signed by them... But you are right, unless it is a list made
to practice PKI encryption, probably it is not worth the effort to make
it work...

...
> think "How secure can I make it?", not "How easy can I get away with
> making it?".  If you trust a public keyserver to give you the other
> members' keys, you probably didn't really need an encrypted list that
> badly in the first place.

  I get it... maybe using a CA could help, but it would have to be a
good one, not the kind of "he paid with a valid credit card, so we
assume he is who he is supposed to be".

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJIslhfAAoJEMV4f6PvczxAmGsH/0TQgb1Oc09Uuw9aZvb2r3qJ
X7KM/8VYpimBuV7Hnng8Oekmg0SfN68l9vPezoiFVp3Sw2b21Fj2Rck3nbaO06S5
jIQ2zF2iHrwXYhEWscfQi311RUDKdAqI0K5WvmckwiRXKWx9yaQOapb9QD1zesib
+zgAgv0yH6P0p0re2ogYdJwr9Hbpb3j1xeJO6ll/YqxhOsJeGYp8KDUnGHEj39NK
ksr4nkmSLNAtX3WeuTn5ml0xPxd7x+Ny/gTZZ9vpgROK/XLqD4bdPdWRIkK1+LtY
AtI0dLPAhmHuHJuzD7oR6YcekzjK7ToRE/seuXDOgVTMrKy5S7lpLIsk7KnLz3I=
=eo53
-----END PGP SIGNATURE-----