[SpamCop-List] Re: Drifting OT but, Re: Hotmail spam with non-hotmail return paths

[Philip Homburg]

In article <cq4uvs$2ht$1 at news.spamcop.net>,
Mike Easter <MikeE at ster.invalid> wrote:
>In many ways, the problem is in the 'trust' of the public key.  

Trust can be established simply by using a key for some time. I don't
personally know anybody called 'Mike Easter', but there is somebody 
who calls himself 'Mike Easter' who has been posting in this group for
quite a while.

Now if a second 'Mike Easter' comes along, with exactly the same headers,
it would be nice to know which one is which.

If even if would not verify a pgp signature now, once there is the suggestion
that is might be an imposter, it would be easy to check any archives.

You can also automate this in the news client software: by adding both
the public key and the signature to an article and by comparing public keys
with previous articles by the same author.

(SSH also stores the public key of a server in a local file, even if there is
no certificate. The next time you connect to that server, you know
whether it is still the same server or not).



-- 
We just programmed the computers to revive us when it was all over... they
were index linked to the [...] stock market prices you see, so that we'd
be revived when everybody else had rebuilt the economy enough to be able to
afford our rather expensive services again. -- Slartibartfast in THHGTTG