Re: [LUG] HTML emails

To: DC LUG <list@xxxxxxxxxxxxx>

Subject: Re: [LUG] HTML emails

From: Grant Phillips-Sewell <dcglug@xxxxxxxxxxxxxxxxxxxxx>

Date: Thu, 8 Jun 2017 13:32:59 +0100

Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx

Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dclug.org.uk; s=1491642364; h=Sender:Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id:Subject:To:Message-ID:Date:From:References:In-Reply-To:MIME-Version; bh=JgSbxDtnhQBFR1CKo/5eepd+0kTT1hkaFq6tA79V+cQ=; b=B0iU0PWZLp55DSTwhGrBYk9AfA6QNFVwIwaREAKwBrTLZg1nf49Ahzp/cXHV2cBHDfe9j9FkjRQBE7prs5c85XUxFluI1XySlTF2EkGIxKcVyGBA599cVlxuc86LhFbLokyEv9Gg6+SmCzfdH3jatulzh16lcwcNj1IX3wRxKxs=;

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=phillips-sewell-co-uk.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=TXymXKwfwAiWw38wEpD2i3CXMpzYtQjUqU3lUXOJ/fM=; b=OZOM0gNxRlt8T6lmHrRS0g1uDof9dN970l5dCLmfXNAO3+HtHYHDBDLhAhpZNIQFCA kP2B/Ihorl0t7i98s/XvcX9xTXJPsnOQySHaOlFip8L3vQlPR8dzeAfvbVNXksM28PFr s+euHzIYVgosiLkaSHcSnAVBfIZsNriMM3ezhPUzxEYf8+mO54d2gTSL7+ASeO8v+hWN hw4eRBBydtCw13BTD8T07l7QMQzAGZDYsSh5bj6ZPiHcnOE8kt4q0WGSe4nBn1DRpwZt N1J0W+PeAkR6y25WPoKNpTtHTmE10hBbi1+sHt+nyMu7PdcKAPirboYbVCmtXzzaV0/3 oA9Q==

On 8 Jun 2017 13:22, "Grant Phillips-Sewell" <dcglug@xxxxxxxxxxxxxxxxxxxxx> wrote:

On 08/06/17 12:04, Grant Phillips-Sewell wrote:

> That - for me - is the downfall of the "PGP/GPG for security" argument.
> So person A has attached their PGP/GPG public key to their email so we
> know it's them... but only if we check, and I don't know about anyone
> else on here, but I don't check. How is it protecting against identity
> fraud if nobody checks?
>
> Grant.

You certainly have a point: if *nobody* checks.

Grant.

--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Precisely! I'm guessing that, given the speed of this reply, it wasn't difficult for you to assume my identify at all (likewise, if you know what's required you can even do it from your phone easily enough)... but how many people on here would know that it wasn't me even if I were to attach a PGP/GPG key to my emails?

Grant.

References:

[LUG] HTML emails
- From: M. J. Everitt
Re: [LUG] HTML emails
- From: Simon Avery
Re: [LUG] HTML emails
- From: Brad Rogers
Re: [LUG] HTML emails
- From: Simon Avery
Re: [LUG] HTML emails
- From: Grant Phillips-Sewell
Re: [LUG] HTML emails
- From: Grant Phillips-Sewell