>> Should I sign such messages or not? What's the Best Practice? I generally sign all my outgoing messages unless I *know* it will cause a problem on the receiving end. > You'd have to think about the added value of signing your messages sent > to a mailinglist. If you're replying 'RTFM' or just explaining a piece > of code, what's the added value of a PGP signature? The value is twofold -- one, it advertises the fact that I can handle signed (and by extension encrypted) mail, so hopefully other people who can also will be encouraged to encrypt their correspondence. Two, and more important, it helps get people used to seeing signatures and to the idea of encrypted and authenticated mail in general. This is important if we ever hope for its use to become commonplace. I don't think it causes that many problems for the recipient who doesn't grok it, frankly. In my experience they are almost always either "hey, what was that funny attachment anyway?" or else some mucking about the breaks the signature but leaves the message more or less alone -- and that's not a problem for the user who wouldn't have bothered to verify the signature anyway. -C
Attachment:
signature.asc
Description: OpenPGP digital signature