[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: PGP messages getting flagged as spam
From: "Mark H. Wood" <mwood () IUPUI ! Edu>
Date: 2007-10-19 13:11:19
Message-ID: 20071019131119.GA24070 () IUPUI ! Edu
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Thu, Oct 18, 2007 at 11:56:59PM -0400, Jason Harris wrote:
> On Wed, Oct 17, 2007 at 09:34:34AM +0200, Sven Radde wrote:
> > Probably true, but how will spammers get signatures on their stuff that
> > are valid *for me*? They would have to compromise one of the keys that
> > are valid on my keyring or one that would be considered trustworthy by
> > means of the web-of-trust.
>
> Why not just take some signed content from a key in the strong set,
> like this message, and add some unsigned spam to it? It would be
> a great way to ruin keys by making them "spam-keys."
Why? I mean, what evidence is there that the owner of the key used to
sign the signed content had anything to do with the unsigned content?
Signed content in the interior of a message conveys no information
about the trust one might choose to assign to the rest of the message.
A properly written rule shouldn't care that there is signed content
inside an unsigned message.
--
Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
[Attachment #5 (application/pgp-signature)]
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic