[JaxPM] My PGP Key
j proctor
jproctor at oit.umass.edu
Sat Feb 10 17:15:27 CST 2001
On the jacksonville-pm-list; Jax.PM'er j proctor <jproctor at oit.umass.edu> wrote -
> Someone has been transversing the Internet acting like me
> in various capacities - downloading software, signing up
> for lists, giving out my personal and professional contact
> information and what not. Therefore I have found it
> necessary to incorporate more security into my various
> on-line activities. Sorry for the trouble this may
> cause you in the long run, but I must protect my interests.
The obvious response, considering my own laziness regarding verification
of the key and its provenance against a recognized certificate authority,
is to ask with a smirk how we know it's really you who sent us the key?
The *real* Sneex could be on vacation this weekend, and not see the
impostor on the list until next week.
And having just spent several hours discussing the various shortcomings of
modern host and network security methods, and in light of a suspicion of
attempted identity theft, is there any way we can ever really tell the
difference? Similarly, can I trust that Verisign (or whoever issued the
certificate) would be able to detect an impostor?
It's elephants all the way down!
j
Jax.PM Moderator's Note:
This message was posted to the Jacksonville Perl Monger's Group listserv.
The group manager can be reached at -- owner-jacksonville-pm-list at pm.org
to whom send all praises, complaints, or comments...
More information about the Jacksonville-pm
mailing list